Bug #277: Snort on pfSense Router Not Sending Alerts to MySQL Database - FreeBSD Administration - ALT Project Management

Bug #277

Snort on pfSense Router Not Sending Alerts to MySQL Database

Added by Daniel Curtis about 11 years ago. Updated almost 10 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Daniel Curtis

Category:

Intrusion Detection/Prevention

Target version:

pfSense 2.1.5

Start date:

12/27/2013

Due date:

% Done:

100%

Estimated time:

0.50 h

Spent time:

1.00 h

Description

I encountered a problem during the configuration of the Snort IDS with Barnyard2 where the alerts triggered by Snort were not being sent to the remote database configured to receive the alerts. I checked the configuration in Services -> Snort -> {Snort Interface} -> {Interface} Barnyard2 and found it to be set to:

alert, mysql, user=user password=pass dbname=snorby host=IP

This however is incorrect, I needed to set it to the proper configuration:

output database: alert, mysql, user=user password=pass dbname=snorby host=IP

Once I set the proper configuration Barnyard2 began sending alerts to the remote MySQL database.

Also available in: Atom PDF

Project

General

Profile

GNet Solutions » FreeBSD Administration

Bug #277

Snort on pfSense Router Not Sending Alerts to MySQL Database

Updated by Daniel Curtis almost 10 years ago