I am trying to configure samhain so that it will write to a log table on a remote mysql database. The problem appears to be that samhain wants to connect to a *local* database despite the fact that I have specified that the db host is on a remote machine.

I compiled with these two options:
I checked the results of the configuration command and also "make clean all" and "make install" and there appeared to be no errors related to the database at all.

I edited /etc/samhain/samhainrc to specify these settings:
I am able to connect to the db server using those credentials from this machine when I try it from the command line:
HOWEVER, when I try to init my database with this command:
Then the first message in the samhain log is this:
It would appear that samhain is ignoring my remote host setting and attempts to connect to a local database server (there is no mysql server installed on this machine).

How do I solve this problem?

Try SetDBHost = <IP> instead of SetDBHost = my-db-server.some-subdomain.example.com ?

I tried that (which would not have been a viable long-term solution) and it also did not solve the problem.

As it turns out, I didn't remove the comment in front of this line in the samhainrc file:
I wasn't aware I needed to uncomment this line but apparently if you don't uncomment it, samhain falls back on the defaults, which would mean setDBHost would be localhost.

This problem is solved.

1 members found this post helpful.