Snort mailing list archives
Re: Multiple Interfaces with mysql & acid
From: "Guillaume" <guillaume () anteria fr>
Date: Tue, 12 Feb 2002 11:52:10 +0100 (CET)
Dans son précédent message Steven Williams écrivait :
My next challenge is to load up multiple interfaces on this server for various networks. I know I have to write multiple services with each having the different interface id's, but do I log this to the same mysql database or do I create a new database for each interface or instance and customise a acid report for each?
Hi. You can (should?) use the same DB to log all your sensors's alerts. I use to do that, it works fine. You also can set up a special name for each of you snort instance that will be used in the DB to identify each sensor. By default, it will be printed out like "ip_address_or_sensor_hostname:nic_id" on the DB. You can specify a id name for your sensor by adding the parameter sensor_name on your snort.conf file : output database: log, mysql, dbname=snort user=jed host=localhost password=xyz sensor_name=lan_sensor Regards, Guillaume [ Sent with SquirrelMail - http://www.squirrelmail.org ] _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Multiple Interfaces with mysql & acid Steven Williams (Feb 12)
- Re: Multiple Interfaces with mysql & acid Guillaume (Feb 12)