LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
Reload this Page snort and mysql
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices


Reply
  Search this Thread
Old 03-28-2005, 04:07 AM   #1
ilnli
Member
 
Registered: Jul 2004
Location: Pakistan
Distribution: Slackware 10.0, SUSE 9.1, RH 7, 7.3, 8, 9, FC2
Posts: 413

Rep: Reputation: 32
snort and mysql

Hello.

Iım trying to get Snort on my honeywall to log against an external
mySQL-database. Iıve added this line to /etc/snort/snort.conf:

output database: log, mysql, user=snort_user password=*******
dbname=snort_db host=*******

Iıve set up the mysql-server (and know itıs working, since Iım already
running another snort-process from a different IDS-sensor against it), and
the honeywall-logs tell me that the Snort/MySQL-handshake is completed after
Snort is restarted.

My question is then: Why isnıt Snort sending data to the database? Snort is
running and generating regular logs in /var/log/snort/xxx/, but nothing is
sent to the external database. Port 3306 is open, but there is no traffic
going out of the honeywall-GW on it.

Thank you.
 
Old 03-28-2005, 02:20 PM   #2
gtl20
LQ Newbie
 
Registered: Mar 2005
Posts: 5

Rep: Reputation: 0
it's really hard to tell.
maybe if we could see some config files that would help..
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
snort and mysql lord-fu *BSD 1 11-20-2005 09:11 PM
Slackware, Snort, Mysql Atrocity Slackware 4 06-10-2005 11:20 AM
Snort don't want log to mysql lcat Slackware 1 03-07-2005 07:20 AM
mysql snort acid HELP wylie1001 Linux - Software 0 01-01-2005 06:51 PM
Snort and Logging to Mysql. FragInHell Linux - Security 3 09-18-2004 05:16 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - General

All times are GMT -5. The time now is 03:59 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration