Can't get Snort name to work on snort module settings page! Database name failure
45 views
Skip to first unread message
Justin Beeler
Apr 6, 2014, 12:29:42 PM4/6/14
to aan...@googlegroups.com
Snort 2.6.0, barnyard2, MySQL aanval 7 all on same box. ran the create_mysql script, see the tables in the database, database connect success, however database name failure is all I get! I've setup aanval 5 and 6 before and never had this problem. It's very frustrating. I think I've granted perms to the user snort and root about 75 times on the MySQL command line, no dice.
username is snort
database server name localhost and 127.0.0.1 tried, localhost gives connection success but database name is always Failure.
database name is snort
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| aanvaldb |
| mysql |
| snort |
| test |
+--------------------+
5 rows in set (0.00 sec)
+--------------------+
| Database |
+--------------------+
| information_schema |
| aanvaldb |
| mysql |
| snort |
| test |
+--------------------+
5 rows in set (0.00 sec)
mysql> connect snort;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Connection id: 167000
Current database: snort
Current database: snort
mysql> show tables;
+------------------+
| Tables_in_snort |
+------------------+
| data |
| detail |
| encoding |
| event |
| icmphdr |
| iphdr |
| opt |
| reference |
| reference_system |
| schema |
| sensor |
| sig_class |
| sig_reference |
| signature |
| tcphdr |
| udphdr |
+------------------+
16 rows in set (0.00 sec)
+------------------+
| Tables_in_snort |
+------------------+
| data |
| detail |
| encoding |
| event |
| icmphdr |
| iphdr |
| opt |
| reference |
| reference_system |
| schema |
| sensor |
| sig_class |
| sig_reference |
| signature |
| tcphdr |
| udphdr |
+------------------+
16 rows in set (0.00 sec)
mysql>
SuperheroSmith
Apr 6, 2014, 12:49:20 PM4/6/14
to aan...@googlegroups.com
If the connection to the database is successful, all should be fine. You can confirm this by navigating Aanval to Console Configuration > Snort Module > Sensor Configuration. If you're seeing your sensor listed on the right of the screen with the option to enable and modify it, you're good. You're seeing the Failure to connect to database name because of a simple status check query that needs to be fixed; the actual connection to and communication with the database is just fine, and the proof is on the Sensor Configuration menu with an available sensor to manage.
Reply all
Reply to author
Forward
0 new messages