Snort mailing list archives
RE: Snort - MySql - ACID and multiple sensors
From: "Michael Steele" <michaels () silicondefense com>
Date: Wed, 19 Sep 2001 07:00:02 -0700
Bill, All you need to do is, specify the appropriate hostname in his 'output database' line, and then grant select and insert privilage to snort@remotehost, where snort is the name of your database user and remotehost is the name of the machine which is remote to the mysql box. -Mike Commercial Snort Support 1.866.41.SNORT Silicon Defense - www.silicondefense.com Michael Steele - Snort Support Technician -----Original Message----- From: snort-users-admin () lists sourceforge net [mailto:snort-users-admin () lists sourceforge net] On Behalf Of bhayes () unlnotes unl edu Sent: Monday, September 17, 2001 1:34 PM To: snort-users () lists sourceforge net Subject: [Snort-users] Snort - MySql - ACID and multiple sensors I am having some trouble getting snort to log to a mysql server. One remote snort host did properly connect to the mysql host once. ACID did correctly identify the sensor ID and its interface once. However, the database did not pick up any alerts, even after using a nework-based vulnerability scanner. The sensor has subsequently refused to connect to the mysql host. Snort complains that it is unable to connect to the Mysql server and then times out. Setting up the sensor and the mysql server as standalone snort hosts works well. Snort logs everyhing from the proper interface. Any ideas of where to look for this problem? I am not yet subscribed to the list, so please respond directly. Many thanks! Bill... _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Snort - MySql - ACID and multiple sensors bhayes (Sep 17)
- RE: Snort - MySql - ACID and multiple sensors Michael Steele (Sep 19)