Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Barnyard2 MySQL DB Error

From: "Matt M." <mr10001 () gmail com>
Date: Fri, 12 Sep 2014 13:28:45 -0500
Thank you for this!

On Fri, Sep 12, 2014 at 4:28 AM, Sharif Uddin <Sharif.Uddin () spectrumasa com>
wrote:


 You don’t need to manually create the schema or database.





If you start mysql then start snorby, snorby will create database and
schema for you.



Then start snort and banryard2.





If you want to start over after tuning stop everything, delete databases,
start snorby which will recreate db , start snort, barnyard.





Works well for me



*From:* Bill Bernsen [mailto:bill.bernsen () nyu edu]
*Sent:* 11 September 2014 20:09
*To:* Matt M.
*Cc:* snort-users
*Subject:* Re: [Snort-users] Barnyard2 MySQL DB Error



I assume that's right but I'm not a snorby user.  Good luck!



On Wed, Sep 10, 2014 at 2:47 PM, Matt M. <mr10001 () gmail com> wrote:

Bill,



Thanks for the tip!  I think that did the trick.



I just tried using this create_mysql
<https://github.com/eldondev/Snort/blob/master/schemas/create_mysql> script
I found, which was the same one, after bumping into this post
<http://www.andrew.cmu.edu/user/rdanyliw/snort/snortdb/snortdb_install.html>
.



Now, the question is... To get Snorby running correctly, do I need to do
the following in this order?



1. Start the mysql service/daemon

2. Start snort

3. Start barnyard

4. Start snorby



Thanks again!





On Wed, Sep 10, 2014 at 1:39 PM, Bill Bernsen <bill.bernsen () nyu edu>
wrote:

Hi Matt,

Did you apply the appropriate database schema found in the schema folder
in barnyard2's source?

CREATE DATABASE snort;

Only creates an empty database named snort, you then need to apply the db
application appropriate schema to the database to set up the table
structure.

Cheers,

Bill



On Wed, Sep 10, 2014 at 2:21 PM, Matt M. <mr10001 () gmail com> wrote:

  Hello,



Just ran into an error that I cannot seem to resolve and wondering if
anyone has any ideas.



*Ran*: /usr/local/bin/barnyard2 -c /usr/local/etc/barnyard2.conf -d
/private/var/log/snort -f snort.log



*ERROR: *[Select()]: Failed to execute  query [SELECT vseq FROM `schema`]
, will retry



Attempted to do the following...

mysql> GRANT SELECT ON snort.schema TO snorby@localhost;

ERROR 1146 (42S02): Table 'snort.schema' doesn't exist



Could this be an indication that my snort database was not setup correctly?

iirc the database was setup by running "CREATE DATABASE snort;"

Appreciate any ideas on this one.

--

M., CISSP, GCFE, GCFA

*“**To disagree leads to study, to study leads to understanding, to
understand is to appreciate, to appreciate is to love. So maybe I’ll end up
loving your theory.” -John Wheeler*




------------------------------------------------------------------------------
Want excitement?
Manually upgrade your production database.
When you want reliability, choose Perforce
Perforce version control. Predictably reliable.

http://pubads.g.doubleclick.net/gampad/clk?id=157508191&iu=/4140/ostg.clktrk
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest
Snort news!




--

Bill Bernsen                                                    Network
Security Analyst

ITS Technology Security Services, New York University
http://www.nyu.edu/its/security





--

Matt M., CISSP, GCFE, GCFA

*“**To disagree leads to study, to study leads to understanding, to
understand is to appreciate, to appreciate is to love. So maybe I’ll end up
loving your theory.” -John Wheeler*




--

Bill Bernsen                                                    Network
Security Analyst

ITS Technology Security Services, New York University
http://www.nyu.edu/its/security

IMPORTANT - This message and any attached files contain information
intended for the exclusive use of the party or parties to whom it is
addressed and may contain information that is proprietary, privileged,
confidential and/or exempt from disclosure under applicable law. If you are
not an intended recipient, you are hereby notified that any viewing,
copying, disclosure or distribution of this information may be subject to
legal restriction or sanction. Please notify the sender immediately and
delete the original message without making any copies. Copyright in this
email and any attachments belong to Spectrum Geo Limited.
We cannot guarantee the security or confidentiality of email
communications. We do not accept any liability for losses or damages that
you may suffer as a result of your receipt of this email.
Email communication with Spectrum Geo Ltd., may be monitored as permitted
by UK legislation.
Spectrum Geo Limited, is a limited company registered in England and
Wales. Registered number: 1979422. Registered office: 95 Aldwych, London
WC2B 4JF.





-- 
Matt M., CISSP, GCFE, GCFA

*“*To disagree leads to study, to study leads to understanding, to
understand is to appreciate, to appreciate is to love. So maybe I’ll end up
loving your theory.*”* -*John Wheeler*

------------------------------------------------------------------------------
Want excitement?
Manually upgrade your production database.
When you want reliability, choose Perforce
Perforce version control. Predictably reliable.
http://pubads.g.doubleclick.net/gampad/clk?id=157508191&iu=/4140/ostg.clktrk
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Previous By Date Next
Previous By Thread Next

Current thread: