Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: MY SQL, SNORT.

From: Jacques <jbrierre () bellsouth net>
Date: Mon, 14 Apr 2003 09:03:57 -0500
Also, was snort compiled with with the '--mysql=DIR' directive?

-jacques.

On Monday, April 14, 2003, at 08:26  AM, David Markle wrote:


Which doc did you use for your specific install?  Patrick S. Harper
[lists () internetsecurityguru com] put out a real nice doc for installing
these components on RH,
(http://www.internetsecurityguru.com/documents/snort_acid_rh8.pdf).
Specifically what are the errors you are having? Did you put the correct entry for the databases output plug in your snort.conf? Patrick's paper 
detail a nice method to test your install, so try it first.

First, verify that all of the applicable services are running, (apache,
mysql, snort). Then you should be able to match up the user, database, and password from the snort.conf line and manually run a test from the command 
line.  For example:
From my snort.conf: (notice "yourpwd" will be your password without the 
""'s)
output database: alert, mysql, user=root password="yourpwd" dbname=snort 
host=localhost

From the command line:
#mysql -u root -p"yourpwd" <enter>   (no space after the -p)

This will give you a mysql prompt:
mysql> use snort          (here I am selecting the snort DB)
mysql> show tables;     (this will spit out the table structure for the
snort DB)
Unfortunately, I need more information to help you out further. You may have problems originating from the install. Its hard to tell. Please let 
me know if you need more help.

dm

-----Original Message-----
From: snort-users-admin () lists sourceforge net
[mailto:snort-users-admin () lists sourceforge net]On Behalf Of rehanann
Sent: Saturday, April 12, 2003 1:38 PM
To: snort-users () lists sourceforge net
Subject: [Snort-users] MY SQL, SNORT.
I install SNORT 1.9.1 ,in RH 8 preinstalled is MYSQL, APACHE, and PHP at last I install ACID and with other components the problem is mysql could not log any events and i setup the machine very intensively with proper 
documents so please give me quick idea about to solve the problem.

thanks.

Rehan Anwer.




-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: