Snort mailing list archives

Previous By Date Next
Previous By Thread Next

snort+mysql+acid

From: "Marcus Henschel" <marcus () hamburg de>
Date: Thu, 12 Jul 2001 16:50:29 +0200
hi there,
i am trying to setup snort with database support together with acid. i think
all the stuff is working fine, but there is no data in my mysql database
when runnig snort with the following command:

root@www:/usr/snort-1.7/bin # ./snort -v -c ../etc/snort.conf -i tun0

i am using freebsd 4.3 stable and tun0 is my outside interface. the output
of this command looks like this:
----------------------------------------------------------------------------
-----
--== Initializing Snort ==--

Initializing Network Interface tun0
Decoding LoopBack on interface tun0
Initializing Preprocessors!
Initializing Plug-ins!
Initializating Output Plugins!

+++++++++++++++++++++++++++++++++++++++++++++++++++
Initializing rule chains...
database: compiled support for ( mysql )
database: configured to use mysql
database:          user = marcus
database: database name = snort
database:          host = localhost
database: password is set
database: detail level  = full
database: data encoding = ascii
database:   sensor name = 62.226.213.12
database:     sensor id = 4
database: using the "log" facility
634 Snort rules read...
634 Option Chains linked into 117 Chain Headers
0 Dynamic rules
+++++++++++++++++++++++++++++++++++++++++++++++++++

Rule application order: ->activation->dynamic->alert->log->pass

        --== Initialization Complete ==--

-*> Snort! <*-
Version 1.7
By Martin Roesch (roesch () clark net, www.snort.org)
07/12-16:43:15.780893 217.80.13.134 -> 216.115.108.245
ICMP TTL:255 TOS:0x0 ID:25308 IpLen:20 DgmLen:84
Type:8  Code:0  ID:59649   Seq:35612  ECHO
----------------------------------------------------------------------------
----------------

any suggestions ???

regards

marcus

--

Marcus Henschel         mail: marcus[at]hamburg.de
20357 Hamburg


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: