Snort mailing list archives
Re: snort unable to log alert to database mysql
From: Joel Esler <jesler () sourcefire com>
Date: Sun, 2 Dec 2012 11:40:26 -0500
No. We didn't fail to remove it. When it was removed, it was removed. We've been asking people not to use it forever. -- Joel Esler Sent from my iPad On Dec 2, 2012, at 11:05 AM, "Michael Steele" <michaels () winsnort com> wrote:
I think the problem might be that Sourcefire failed to remove the database output option in some of the Snort releases after the option had been deprecated leaving users, especially new users, with the assumption that Snort would handle database output. It seems to me Snort could display a more descriptive error message when the ‘database’ output plugin option has been detected in the snort.conf. I think users can look at Banyard2 the same way as they have database options listed in the configuration file that are not supported. Michael... WINSNORT.com Management Team -- ****************** Established ~ 2001 ******************* * Visit Us @ http://www.winsnort.com * * ~~ FREE WinIDS Snort installation guides ~~ * * ~~ FREE support forums ~~ * * Snort: Open Source Network IDS - http://www.snort.org * ********************************************************* From: Y M [mailto:snort () outlook com] Sent: Sunday, December 02, 2012 8:58 AM To: TermVRL M; Snort User (snort-users () lists sourceforge net); snort-users-request () lists sourceforge net Subject: Re: [Snort-users] snort unable to log alert to database mysql Which version of snort are you using? At my best knowledge, snort's own database output plugin is deprecated since 2.9.3.x. In that case, you will have to use barnyard2 to get alerts into the database. YM From: TermVRL M Sent: 12/2/2012 4:42 PM To: Snort User (snort-users () lists sourceforge net); snort-users-request () lists sourceforge net Subject: [Snort-users] snort unable to log alert to database mysql Hi all, i get this error when try to log snort output to database.. ERROR: /usr/local/snort/etc/snort.conf(535) Unknown output plugin: "database" ------------------------------------------------------------------------------ Keep yourself connected to Go Parallel: DESIGN Expert tips on starting your parallel project right. http://goparallel.sourceforge.net/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
------------------------------------------------------------------------------ Keep yourself connected to Go Parallel: DESIGN Expert tips on starting your parallel project right. http://goparallel.sourceforge.net/
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- snort unable to log alert to database mysql TermVRL M (Dec 02)
- <Possible follow-ups>
- Re: snort unable to log alert to database mysql Y M (Dec 02)
- Re: snort unable to log alert to database mysql Michael Steele (Dec 02)
- Re: snort unable to log alert to database mysql Joel Esler (Dec 02)
- Re: snort unable to log alert to database mysql Michael Steele (Dec 02)
- Re: snort unable to log alert to database mysql Michael Steele (Dec 02)
- Re: snort unable to log alert to database mysql Y M (Dec 02)