Snort mailing list archives
Re: Snort w/ Base not recording hits.
From: Kevin Johnson <kjohnson () secureideas net>
Date: Fri, 19 Aug 2005 17:43:00 -0400
Hi- On Fri, 2005-08-19 at 16:40 -0400, George Laiacona wrote:
I'm running Snort 2.3 with MySQL and BASE 1.0.1,
First, I would recommend upgrading to a newer version of BASE. We are at 1.1.4 and this has fixed a number of bugs from 1.0.1.
and it appears as though Snort is not picking up any alerts.
This sounds like Snort is not running.
Just quit out of the blue one day a couple of weeks back, and I'm at a loss as to why. I can't figure out which piece stopped working. I don't see Snort in the ps -A list,
This makes the my statement above seem correct.
but if I quit mysqld, I get a "Snort cannot connect to database" error in BASE.
BASE would not know if Snort can communicate with the DB. I think the error you are seeing is "Can not connect to the Snort database." This makes sense if mysqld is shut down.
Some pointers as to what to look for would be appreciated, thanks.
I would restart Snort and your problem should go away.
George A. Laiacona III Systems Manager Aiken County Government
Hope that helps, Kevin --------------------- BASE Project Lead http://sourceforge.net/projects/secureideas http://base.secureideas.net The next step in IDS analysis!
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- Snort w/ Base not recording hits. George Laiacona (Aug 19)
- Re: Snort w/ Base not recording hits. Kevin Johnson (Aug 19)