Fatal Error /etc/snort/snort.conf Unknown Output Plugin Database
Contents |
Packet crafters More Site News Advertising About/Contact Sponsors: Snort mailing list archives By Date By Thread Re: error snort.conf(0) unable to open rules file snort.conf no such file or directory BASE installation in snort From: basant subba
Error /etc/snort//etc/snort/rules/app-detect.rules(0) Unable To Open Rules File
Date: Mon, 12 May 2014 19:36:10 +0530 Thank you Joel for that information. Now I have a snort local.rules missing different problem. When I am trying to process my unified2 output using barnyard2 I am getting this error --== Initializing Barnyard2 ==-- Initializing Input Plugins! Initializing Output
Unable To Open Rules File /etc/snort/../rules/local.rules No Such File Or Directory
Plugins! Parsing config file "./barnyard2.conf" Log directory = /var/log/barnyard2 database: 'mysql' support is not compiled into this build of snort ERROR: If this build of snort was obtained as a binary distribution (e.g., rpm, or Windows), then check for alternate builds that contains the necessary 'mysql' support. If this build of snort was compiled snort rules download by you, then re-run the the ./configure script using the '--with-mysql' switch. For non-standard installations of a database, the '--with-mysql=DIR' syntax may need to be used to specify the base directory of the DB install. From above error message I understood that my installed version of snort(2.9.6.1) doesn't support mysql. I even tried re-compiling snort using ./configure --with-mysql, as suggested in some post. Everything compiles fine but then there's a warning at the end saying --with-mysql command cannot be identified. So is there any other way that I can re-compile my snort to support mysql? Also I went through quite a few number of posts regarding this issue but I didn't find any solution? Is it a dead end and snort doesn't support myqsl? I had similar query about pulledpork where I was unable to update my ruleset using oinkcode and I had posted it a few weeks back but I didn't get any reply. I was even asked by someone to
If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start
No Preprocessors Configured For Policy 0.
viewing messages, select the forum that you want to visit from the selection below.
Pulledpork Snort
Page 1 of 2 12 Last Jump to page: Results 1 to 10 of 12 Thread: Snort + MySql Server error... Tweet snort community rules Thread Tools Show Printable Version Subscribe to this Thread… Display Linear Mode Switch to Hybrid Mode Switch to Threaded Mode February 10th, 2003,04:19 AM #1 Condoor View Profile View Forum Posts Visit Homepage Member Join Date http://seclists.org/snort/2014/q2/619 Jan 2003 Posts 31 Snort + MySql Server error... SUP... I have installed Snort on my linux firewall machine. I am managing it using a windows machine behind it. I used this as a reference http://www.sans.org/rr/intrusion/practical_guide.php I have worked my way through the whole thing but the second to last step i run into a problem: here is the command im suppose to issue snort-mysql+flexresp –v –c /etc/snort/snort.conf but i get this http://www.antionline.com/showthread.php?238342-Snort-MySql-Server-error error: database: compiled support for ( mysql ) database: configured to use mysql database: database name = snort database: user = sensor1 database: host = 192.168.0.69 database: port = 3306 database: password is set database: sensor name = sensor1 database: mysql_error: Access denied for user: 'sensor1@192.168.0.1' (Using password: YES) Fatal Error, Quitting.. Now im not sure what to check: for this error im lost on this one: i got a few other ones though this reference but figured those out but not this one: can someone help me and maybe give me an idea on what setting to check: Thanks Reply With Quote February 10th, 2003,04:43 AM #2 IchNiSan View Profile View Forum Posts Senior Member Join Date Jul 2001 Posts 461 well, iirc...... you need to get into the mysql command line by typing mysql (then hit enter) and then, connnect to the database snort shoudl use by typing use
instructions: Windows Mac Red Hat Linux Ubuntu Click URL instructions: Right-click on ad, choose "Copy Link", then paste here → (This may not be possible with some types of ads) More information about our ad policies https://sourceforge.net/p/snort/mailman/message/16785564/ X You seem to have CSS turned off. Please don't fill out this field. You seem to have CSS turned off. Please don't fill out this field. Briefly describe the problem (required): Upload screenshot of https://www.experts-exchange.com/questions/26614800/snort-barnyard-0-2-0-mysql.html ad (required): Select a file, or drag & drop file here. ✔ ✘ Please provide the ad click URL, if possible: Home Browse Snort Mailing Lists Snort Brought to you by: andrewbaker, joelesler, roesch unable to Summary Files Reviews Support Wiki Mailing Lists snort-devel snort-openappid snort-sigs snort-users Re: [Snort-users] How do I supress file-logging but not database-logging? Re: [Snort-users] How do I supress file-logging but not database-logging? From: Bamm Visscher