Snort mailing list archives

Trouble to log trace into database


From: "Juan" <juanca () andrew cmu edu>
Date: Fri, 5 Nov 2004 19:24:30 -0500

Hi,
I have a trace file with some packets I am trying to analyze. I am trying to
load the trace into a MySQL database but nothing gets logged.
My rules file looks like this:
# RULES
log tcp any any -> any any
log udp any any -> any any

And if I just run snort without loading from file, these rules log every TCP
and UDP header just fine into the database. Now when I run:
C:\Snort\bin>snort -r c:\trace.eth -c c:\Snort\etc\snort-mod.conf -l c:\Snort\log

I do not get any error but nothing gets logged to the database. See below.
Can anyone give me a hint of what I am doing wrong?

Thanks,
J


======================================================================
database: compiled support for ( mysql odbc )
database: configured to use mysql
database:          user = snort
database: password is set
database: database name = snort
database:          host = localhost
database:   sensor name = TRUSS:[reading from a file]
database:     sensor id = 2
database: schema version = 106
database: using the "log" facility
2 Snort rules read...
2 Option Chains linked into 2 Chain Headers
0 Dynamic rules
+++++++++++++++++++++++++++++++++++++++++++++++++++
+-----------------------[thresholding-config]----------------------------------
| memory-cap : 1048576 bytes
+-----------------------[thresholding-global]----------------------------------
| none
+-----------------------[thresholding-local]-----------------------------------
| none
+-----------------------[suppression]------------------------------------------
| none
-------------------------------------------------------------------------------
Rule application order: ->activation->dynamic->alert->pass->log
        --== Initialization Complete ==--
-*> Snort! <*-
Version 2.2.0-ODBC-MySQL-FlexRESP-WIN32 (Build 30)
By Martin Roesch (roesch () sourcefire com, www.snort.org)
1.7-WIN32 Port By Michael Davis (mike () datanerds net, www.datanerds.net/~mike)
1.8 - 2.x WIN32 Port By Chris Reid (chris.reid () codecraftconsultants com)
Run time for packet processing was 0.501000 seconds
============================================================================
Snort processed 84158 packets.
===========================================================================
Breakdown by protocol:
    TCP: 53451     (17.356%)
    UDP: 28239     (37.124%)
   ICMP: 13803      (1.561%)
    ARP: 3240       (0.231%)
  EAPOL: 0          (0.000%)
   IPv6: 0          (0.000%)
    IPX: 0          (0.000%)
  OTHER: 8916       (1.008%)
DISCARD: 377709     (42.720%)
===============================================================================
Action Stats:
ALERTS: 0
LOGGED: 0
PASSED: 0
===============================================================================
Final Flow Statistics
,----[ FLOWCACHE STATS ]----------
Memcap: 10485760 Overhead Bytes 16400 used(%0.156403)/blocks (16400/1)
Overhead blocks: 1 Could Hold: (0)
IPV4 count: 0 frees: 0 low_time: 0, high_time: 0, diff: 0h:00:00s
    finds: 0 reversed: 0(%0.000000)
    find_sucess: 0 find_fail: 0 percent_success: (%0.000000) new_flows: 0
database: Closing connection to database ""
Snort exiting
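As an added example (not part of the original post, and not Snort's own code): a small Python script that parses the run summary Snort prints at exit and flags the condition shown above, where TCP and UDP packets were counted but the Action Stats report nothing logged. The summary text embedded below is constructed from the figures quoted in the post; the function names are this example's own.

```python
"""Parse a Snort 2.x exit summary and flag a run that saw traffic but logged nothing.

Added example for this thread; the sample text is constructed from the figures
quoted in the post, and parse_summary/diagnose are names chosen here.
"""
import re

# Constructed sample: the counter lines from the post, in the order Snort prints them.
SAMPLE_SUMMARY = """\
2 Snort rules read...
2 Option Chains linked into 2 Chain Headers
0 Dynamic rules
Snort processed 84158 packets.
Breakdown by protocol:
    TCP: 53451     (17.356%)
    UDP: 28239     (37.124%)
   ICMP: 13803      (1.561%)
    ARP: 3240       (0.231%)
  EAPOL: 0          (0.000%)
   IPv6: 0          (0.000%)
    IPX: 0          (0.000%)
  OTHER: 8916       (1.008%)
DISCARD: 377709     (42.720%)
Action Stats:
ALERTS: 0
LOGGED: 0
PASSED: 0
"""

# Protocol lines carry a trailing percentage in parentheses; action lines do not.
PROTO_RE = re.compile(r"^\s*([A-Za-z0-9]+):\s+(\d+)\s+\(", re.M)
ACTION_RE = re.compile(r"^(ALERTS|LOGGED|PASSED):\s+(\d+)\s*$", re.M)
RULES_RE = re.compile(r"^(\d+) Snort rules read", re.M)
PROCESSED_RE = re.compile(r"^Snort processed (\d+) packets", re.M)


def parse_summary(text):
    """Return the counters from a Snort exit summary as a dict."""
    rules = RULES_RE.search(text)
    processed = PROCESSED_RE.search(text)
    return {
        "rules": int(rules.group(1)) if rules else 0,
        "processed": int(processed.group(1)) if processed else 0,
        "protocols": {name: int(n) for name, n in PROTO_RE.findall(text)},
        "actions": {name: int(n) for name, n in ACTION_RE.findall(text)},
    }


def diagnose(stats):
    """Return human-readable observations about a parsed summary."""
    notes = []
    protos = stats["protocols"]
    actions = stats["actions"]
    traffic = protos.get("TCP", 0) + protos.get("UDP", 0)

    if stats["rules"] == 0:
        notes.append("no rules loaded")
    if traffic > 0 and actions.get("LOGGED", 0) == 0:
        # The situation in the post: rules read, TCP/UDP seen, LOGGED still 0.
        notes.append("tcp/udp seen but nothing logged")
    if not any(actions.get(k, 0) for k in ("ALERTS", "LOGGED", "PASSED")):
        notes.append("no rule actions fired")

    # Sanity-check the counters themselves: the per-protocol counts (excluding
    # DISCARD) should reconcile with the processed total.
    counted = sum(v for k, v in protos.items() if k != "DISCARD")
    if counted != stats["processed"]:
        notes.append("protocol breakdown (%d) does not match processed count (%d)"
                     % (counted, stats["processed"]))
    return notes


if __name__ == "__main__":
    parsed = parse_summary(SAMPLE_SUMMARY)
    for line in diagnose(parsed):
        print(line)
```

Run it against a saved copy of Snort's console output instead of the embedded sample to get the same checks on your own runs; the script only reads the summary counters and says nothing about why logging failed, which the post does not establish.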