Snort mailing list archives
mysql error and sensor name
From: Balla István <balla.bmf () gmail com>
Date: Thu, 9 May 2013 13:26:26 +0200
I m not familiar at all with mysql and found some problem (first 3 lines) related to it when started barnyard2 with:* /usr/local/bin/barnyard2 -c /usr/local/snort/etc/barnyard2.conf -d /var/log/snort -f snort.u2 -w /var/log/snort/barnyard2.waldo* *database: [SynchronizeEventId()]: Problems executing [SELECT MAX(cid) FROM icmphdr WHERE sid='3';] database: [SynchronizeEventId()]: Problems executing [SELECT MAX(cid) FROM udphdr WHERE sid='3';] [SignatureReferencePullDataStore()]: No Reference found in database ... database: compiled support for (mysql) database: configured to use mysql database: schema version = 107 database: host = localhost database: user = root database: database name = snort database: sensor name = localhost:eth3 database: sensor id = 3 database: sensor cid = 1119 database: data encoding = hex database: detail level = full database: ignore_bpf = no database: using the "log" facility* In barnyard2.conf I have* config hostname: localhost* and *config interface: eth3* As you can see it made sensor name from these. Also in my barnyard2.conf there s an entry: *output alert_syslog_full: sensor_name ubuntu, server 10.10.10.2, protocol udp, port 514, operation_mode default* Should sensor_name be localhost:eth3 instead of ubuntu (which is the hostname)? Thanks
------------------------------------------------------------------------------ Learn Graph Databases - Download FREE O'Reilly Book "Graph Databases" is the definitive new guide to graph databases and their applications. This 200-page book is written by three acclaimed leaders in the field. The early access version is available now. Download your free book today! http://p.sf.net/sfu/neotech_d2d_may
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- mysql error and sensor name Balla István (May 09)
- Re: mysql error and sensor name beenph (May 09)