Snort 2.1.3 under Redhat Linux 9.0 is _not_ logging to mysql like it should....

[Marc Hultquist <marc () cks co za>]

Hi Everyone

I have just finished installing snort for redhat 9.0, I used the binary .rpm 
files provided on the snort.org/dl/ site and well that all went well, firstly 
I installed the snort-x.x.x.rpm file, then the snort-mysql.x.x.x.rpm file, 
all went well and snort starts up fine.

However when I uncomment the line in my snort.conf file as follows
output database: log, mysql, user=snort password=snort dbname=snort 
host=localhost

and I restart snort, snort will still log to /var/log/snort/alert as apposed 
to logging to the mysql database, I have created all the acid/snort tables 
into the database, I have even done a grant all on snort.* to snort@localhost 
identified by 'snort' ! But yet it still logs to the alerts file as apposed 
to the sql db.... Can anyone PLEASE help me here as its getting rather 
painful now and I just cannot see a _single_ logical explanation for this :
\ ! I have set the adodb and jpgraph etc settings correctly, I set my dbtype 
to be mysql, but ya as I said it does not log to the database, it ONLY logs 
to the alerts file in /var/log/snort/alerts ! 

:-(
-- 
 Marc Hultquist (marc () cks co za)
 Computerkit Systems (Pty) Ltd
 http://www.cks.co.za
 Quote: Verily the lust for comfort murders the passion of the soul, and then 
walks grinning in the funeral!
 ---------------------- OmniCode 0.1.6 -----------------------
 sxy cm178 kg86 skf1eae4 ha7d4419 ey336699 es= sp= Ag1984 anE hdd ZoD RlD Kd! 
PeD FHg UFAJ IN9 AdC Prbash(7)^(9)
 ----------- Omnicode http://www.gadgeteer.net/omnicode/ ----------- 
Confidentiality Notice:
The above message and all attachments may contain privileged and confidential information intended only for the person 
or entity to which it is addressed. Any review, retransmission, dissemination, copy or other use of, or taking of any 
action in reliance upon this information by persons or entities other than the intended recipient is prohibited. If you 
received this message in error, please notify the sender immediately by e-mail, facsimile or telephone and thereafter 
delete the material from your computer. Any views expressed in this message are those of the individual sender, except 
where the sender specifically states them to be the view of the entity transmitting the message.  Computerkit Retail 
Systems (Pty) Ltd hereby distances itself from and accepts no liability in respect of the unauthorised use of its 
e-mail facility or the sending of e-mail communications for other than strictly business purposes


-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now. 
http://productguide.itmanagersjournal.com/
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users