-
The user, if you created it, is sensor1 (at least that is what your snort.conf is indicating and what I am assuming).
Is the database on the same machine as Snort? If so, why not use update user set password=password('test') where user='sensor1'; and
set password for 'sensor1'@'localhost'=password('yoursnortpassword');
-
Alright...
I got SNORT to work on my LINUX machine. It logs to /var/log/snort/alerts and portscan. But I'm trying to get it to log to my Windows MySQL database, but it isn't. I already posted my /etc/snort.conf, so if you can see something that is wrong, I haven't changed that. I know there is something being sent to MySQL because the Kerio firewall on my Windows machine shows mysql.exe connected out, and there is data being transferred to and from 192.168.0.1.
But I can't seem to find anything logged.
Here is some output from commands from mysql:
mysql> use mysql
Database changed
mysql> show databases;
+----------+
| Database |
+----------+
| mysql    |
| snort    |
| test     |
+----------+
3 rows in set (0.00 sec)
mysql> use snort
Database changed
mysql> show tables;
+------------------+
| Tables_in_snort  |
+------------------+
| acid_ag          |
| acid_ag_alert    |
| acid_event       |
| acid_ip_cache    |
| data             |
| detail           |
| encoding         |
| event            |
| icmphdr          |
| iphdr            |
| opt              |
| reference        |
| reference_system |
| schema           |
| sensor           |
| sig_class        |
| sig_reference    |
| signature        |
| tcphdr           |
| udphdr           |
+------------------+
20 rows in set (0.00 sec)
mysql> select * from data;
Empty set (0.00 sec)
mysql> select * from events;
ERROR 1146: Table 'snort.events' doesn't exist
I'm not sure HOW to DEBUG this problem. Any help...
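
A set of diagnostic queries for the setup described in this thread, added here as an example and not part of the original posts. It uses the table names from the listing above; the column names (sid, cid, last_cid, sig_name, ip_src, ip_dst) are assumed from the stock Snort MySQL schema, which the page does not show.

```sql
-- Added example: run as a MySQL admin user on the database server.
-- Assumption: column names follow the stock Snort MySQL schema.

-- 1. Which sensor1 accounts exist, and from which hosts may they connect?
--    An account limited to 'localhost' does not match a sensor that
--    connects from another machine over the network.
SELECT User, Host FROM mysql.user WHERE User = 'sensor1';

-- 2. What is each account allowed to do? Replace 'localhost' with a Host
--    value returned by step 1. The sensor needs INSERT and SELECT on the
--    snort database, nothing broader.
SHOW GRANTS FOR 'sensor1'@'localhost';

-- 3. Has a sensor ever registered? The database output plugin records
--    the sensor here; an empty table means no sensor has written yet.
SELECT sid, hostname, interface, last_cid FROM snort.sensor;

-- 4. Alerts are stored in `event` (singular). The `data` table only holds
--    packet payloads, so it can be empty even when alerts were logged.
SELECT COUNT(*) AS events, MAX(timestamp) AS newest FROM snort.event;

-- 5. The ten most recent alerts with signature name and addresses.
SELECT e.sid, e.cid, e.timestamp, s.sig_name,
       INET_NTOA(i.ip_src) AS src, INET_NTOA(i.ip_dst) AS dst
FROM snort.event e
JOIN snort.signature s ON s.sig_id = e.signature
LEFT JOIN snort.iphdr i ON i.sid = e.sid AND i.cid = e.cid
ORDER BY e.timestamp DESC
LIMIT 10;
```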