Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Snort not logging to MySQL in windows environment.

From: Ramamohan Vatyam <ramamohan.vatyam () ril com>
Date: Wed, 24 Dec 2008 11:26:25 +0530 (IST)


Dear All, 



We are pretty new to Snort. Our environment is as below: snort 2.8, IDSPM 2.2.0.24 on windows 2K3. 


1. We  have configured three local rules with any to any (icmp, tcp and udp protocols) and pushed frpm IDSPM (2.2.0.24) 
 
2. Got updated on the snort running on the same local machine. 
3. Folders with different IP address are gettting created in the Log directory. 
4. If I open any file in the folder, logs are generated with the rules created above. 
5. Alert.ids file size is also increasing. 
6. Problem: Logs are not getting into MySQL. 
7. Tested with command : C:\Snort\bin>snort -dev -c c:\Snort\etc\snort.conf -l C:\Snort\log -i3 
8. A log file by name snort.log.xxxx is reated and some rows are getting inserted to MySQL 
9.But normal traffic logs are not getting updated in the MySQL. 

Please help... 

Thanks and Regards, 


Rama Mohan V.V.S, 

 HP:+91-9987001939 
E-Mail: ramamohan.vatyam () ril com 
"Confidentiality Warning: This message and any attachments are intended only for the use of the intended recipient(s). 
are confidential. and may be privileged. If you are not the intended recipient. you are hereby notified that any 
review. re-transmission. conversion to hard copy. copying. circulation or other use of this message and any attachments 
is 
strictly prohibited. If you are not the intended recipient. please notify the sender immediately by return email. 
and delete this message and any attachments from your system.

Virus Warning: Although the company has taken reasonable precautions to ensure no viruses are present in this email. 
The company cannot accept responsibility for any loss or damage arising from the use of this email or attachment."

------------------------------------------------------------------------------

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: