Snort mailing list archives

Re: Sensor logging at remote mysql db


From: "Luis Claudio R. da Silveira" <lsilveira () tse gov br>
Date: Tue, 9 Mar 2004 13:39:39 -0300

Hi Michael,

After I created a user snort at <ip sensor> on my remote mysql and granted
all privileges to this user, I followed your advice, setting the output line
in snort.conf properly. And it's all working fine now.

Thanks for your help.

My best regards,

Luis Claudio

From: "Michael Steele" <michaels () winsnort com>
To: <snort-users () lists sourceforge net>
Sent: Monday, March 08, 2004 8:29 PM
Subject: RE: [Snort-users] Sensor logging at remote mysql db


luis claudio silveira,

You can specify the IP and for the remote MySQL database in the snort.conf
file in the output database line. You will do exactly as a local database
but set the host= to the IP of Remote MySQL Database server. Make sure you
have a clear shot from the Snort sensor to the Remote MySQL server.

With the remote MySQL server running you should be able to telnet from the
Snort sensor to the remote MySQL server on port 3306 or 3307, and get a
response (MySQL version) from the remote MySQL database.

It's always a plus when you can have a standalone remote MySQL database.

Kindest regards,

The WINSNORT.com Management Team
-- 
Pick up your FREE Windows or UNIX Snort installation guides
mailto:support () winsnort com
Website: http://www.winsnort.com
Snort: Open Source Network IDS - http://www.snort.org


-----Original Message-----
From: snort-users-admin () lists sourceforge net [mailto:snort-users-admin () lists sourceforge net] On Behalf Of Luis Claudio R. da Silveira
Sent: Monday, March 08, 2004 12:47 PM
To: snort-users () lists sourceforge net
Subject: [Snort-users] Sensor logging at remote mysql db

Hi all,

I've configured a snort sensor on a linux box and a remote mysql console
(ACID console) running on a Windows machine. I need to know if it's possible
to make the sensor machine send its output directly to this remote mysql db.
Is it necessary to install mysql on the sensor machine? And what about
performance considerations? Is this choice better than setting up a mysql db
running on the same sensor machine? I'd appreciate any help with my doubt.

thanks in advance,

luis claudio silveira





-------------------------------------------------------
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users




