|
snort and mysql
Hello.
Iım trying to get Snort on my honeywall to log against an external mySQL-database. Iıve added this line to /etc/snort/snort.conf: output database: log, mysql, user=snort_user password=******* dbname=snort_db host=******* Iıve set up the mysql-server (and know itıs working, since Iım already running another snort-process from a different IDS-sensor against it), and the honeywall-logs tell me that the Snort/MySQL-handshake is completed after Snort is restarted. My question is then: Why isnıt Snort sending data to the database? Snort is running and generating regular logs in /var/log/snort/xxx/, but nothing is sent to the external database. Port 3306 is open, but there is no traffic going out of the honeywall-GW on it. Thank you. |
it's really hard to tell.
maybe if we could see some config files that would help.. |
| All times are GMT -5. The time now is 04:52 PM. |