Bug #277: Snort on pfSense Router Not Sending Alerts to MySQL Database - FreeBSD Administration - ALT Project Management

Bug #277

Snort on pfSense Router Not Sending Alerts to MySQL Database

Added by Daniel Curtis about 11 years ago. Updated almost 10 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Daniel Curtis

Category:

Intrusion Detection/Prevention

Target version:

pfSense 2.1.5

Start date:

12/27/2013

Due date:

% Done:

100%

Estimated time:

0.50 h

Spent time:

1.00 h

Description

I encountered a problem during the configuration of the Snort IDS with Barnyard2 where the alerts triggered by Snort were not being sent to the remote database configured to receive the alerts. I checked the configuration in Services -> Snort -> {Snort Interface} -> {Interface} Barnyard2 and found it to be set to:

alert, mysql, user=user password=pass dbname=snorby host=IP

This however is incorrect, I needed to set it to the proper configuration:

output database: alert, mysql, user=user password=pass dbname=snorby host=IP

Once I set the proper configuration Barnyard2 began sending alerts to the remote MySQL database.

Updated by Daniel Curtis almost 10 years ago

Project changed from 32 to FreeBSD Administration
Category set to Intrusion Detection/Prevention
Target version set to pfSense 2.1.5

Also available in: Atom PDF

Project

General

Profile

GNet Solutions » FreeBSD Administration

Bug #277

Snort on pfSense Router Not Sending Alerts to MySQL Database

Updated by Daniel Curtis almost 10 years ago