Snort mailing list archives
Snort 2.1.3 under Redhat Linux 9.0 is _not_ logging to mysql like it should....
From: Marc Hultquist <marc () cks co za>
Date: Wed, 8 Dec 2004 07:32:31 +0200
Hi Everyone I have just finished installing snort for redhat 9.0, I used the binary .rpm files provided on the snort.org/dl/ site and well that all went well, firstly I installed the snort-x.x.x.rpm file, then the snort-mysql.x.x.x.rpm file, all went well and snort starts up fine. However when I uncomment the line in my snort.conf file as follows output database: log, mysql, user=snort password=snort dbname=snort host=localhost and I restart snort, snort will still log to /var/log/snort/alert as apposed to logging to the mysql database, I have created all the acid/snort tables into the database, I have even done a grant all on snort.* to snort@localhost identified by 'snort' ! But yet it still logs to the alerts file as apposed to the sql db.... Can anyone PLEASE help me here as its getting rather painful now and I just cannot see a _single_ logical explanation for this : \ ! I have set the adodb and jpgraph etc settings correctly, I set my dbtype to be mysql, but ya as I said it does not log to the database, it ONLY logs to the alerts file in /var/log/snort/alerts ! :-( -- Marc Hultquist (marc () cks co za) Computerkit Systems (Pty) Ltd http://www.cks.co.za Quote: Verily the lust for comfort murders the passion of the soul, and then walks grinning in the funeral! ---------------------- OmniCode 0.1.6 ----------------------- sxy cm178 kg86 skf1eae4 ha7d4419 ey336699 es= sp= Ag1984 anE hdd ZoD RlD Kd! PeD FHg UFAJ IN9 AdC Prbash(7)^(9) ----------- Omnicode http://www.gadgeteer.net/omnicode/ ----------- Confidentiality Notice: The above message and all attachments may contain privileged and confidential information intended only for the person or entity to which it is addressed. Any review, retransmission, dissemination, copy or other use of, or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited. If you received this message in error, please notify the sender immediately by e-mail, facsimile or telephone and thereafter delete the material from your computer. Any views expressed in this message are those of the individual sender, except where the sender specifically states them to be the view of the entity transmitting the message. Computerkit Retail Systems (Pty) Ltd hereby distances itself from and accepts no liability in respect of the unauthorised use of its e-mail facility or the sending of e-mail communications for other than strictly business purposes ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Snort 2.1.3 under Redhat Linux 9.0 is _not_ logging to mysql like it should.... Marc Hultquist (Dec 07)