Morpheus Posted November 25, 2014 Report Posted November 25, 2014 Attach you barnyard.conf file. I can log in mysql and check database # mysql -u snort -p mysql> show databases; +--------------------+ | Database | +--------------------+ | information_schema | | archive | | mysql | | performance_schema | | snort | | test | +--------------------+ Attach you barnyard.conf file. Quote
thang_dl Posted November 26, 2014 Report Posted November 26, 2014 the file requested... barnyard2.conf Quote
Morpheus Posted November 26, 2014 Report Posted November 26, 2014 This is your line 349 output database: log, mysql, user=base password=123456 dbname=snort host=localhost sensor_name=WinIDS-Home This is what the line 349 should look like if the tutorial was followed output database: log, mysql, user=snort password=l0gg3r dbname=snort host=winids sensor_name=WinIDS-Home Not sure what you have done as it appears you have changed critical switches. Correcting these should allow a connection to the MySQL database? Quote
thang_dl Posted December 4, 2014 Report Posted December 4, 2014 snort does not writing file log (file log "merged.log.1417671245" 0kb) file config snort PC install snort IP (192.168.2.120/24 ) (network 192.168.2.xx) OS: Windows XP sp3 can you help me snort.conf Quote
Morpheus Posted December 4, 2014 Report Posted December 4, 2014 Did you try: >How manually to trigger TCP, IP, UDP, and ICMP for event testing Quote
thang_dl Posted December 5, 2014 Report Posted December 5, 2014 Thank you for help my I connect Mysql C:>mysql -u root -p Enter password: ******* mysql> connect snort; Connection id: 6 Current database: snort mysql> select * from event limit 10; Empty set (0.03 sec) mysql> and in snort file log merged.log.1417778600 (7MB) i don't know database snort empty help my Quote
Morpheus Posted December 5, 2014 Report Posted December 5, 2014 Did you try: How manually to trigger TCP, IP, UDP, and ICMP for event testing ? What were the results? Quote
thang_dl Posted December 5, 2014 Report Posted December 5, 2014 + I add rules in local.rules and sonrt in run file log + Barnyard2 exiting database: Closing connection to database "snort" (barnyard2.exe not run) + runing start.bat database mysql_error: Can't connect to local MySQL server through socket '/tmp/m ysql.sock' (2) Quote
Morpheus Posted December 5, 2014 Report Posted December 5, 2014 Go back to the tutorial and complete the section labled 'Testing the Snort configuration file'. Post the results. Quote
thang_dl Posted December 7, 2014 Report Posted December 7, 2014 Failed install snort on Windows XP. Snort error cannot write mysql. Check file log snort data but mysql -> empty run d:winidsactivatorsby2-test database mysql_error: Can't connect to local MySQL server through socket '/tmp/mysql.sock' (2) Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.