Making Snort Work with MySQL


161


5.1.1


Step 1: Snort Compilations with MySQL Support


Snort must be compiled with   with mysql if you want to use MySQL data 


base with Snort. This is done with the help of the configure script as explained in


Chapter 2. A typical configure script command line  follows:


 ./configure   prefix=/opt/snort   with mysql=/usr/lib/mysql


When you run the configure script, I would recommend adding support for other


components such as SNMP, which is very useful. MySQL libraries must be present in


/usr/lib/mysql directory for successful compilation. Refer to Chapter 2 for


details.


5.1.2


Step 2: Install MySQL


I would suggest installing the MySQL database packages that come with RedHat


or other Linux distributions. MySQL is also available for Microsoft Windows plat 


forms. This is the easiest way to install the database. However you can also download


MySQL database server and client software in the source code form from its web site at


http://www.mysql.org and compile and install it yourself. However, this is recom 


mended only for very experienced users.


5.1.3


Step 3: Creating Snort Database in MySQL


Once you have compiled Snort with MySQL support, the next step is to create


MySQL database where Snort can log data. Before you start using MySQL, make sure


that MySQL server is running on the machine that is being used as the database server.


You can use ps  ef | grep mysql command for this purpose. If this command


shows MySQL processes, it means that the server is running. If you are using a single


machine, you can have the database server running on the machine where Snort is


installed. As mentioned earlier, you can also have a separate database server. For the


purpose of this book, I have used a single machine and all components including Snort


and MySQL server are installed on it.


You can download and install the latest MySQL server from http://


www.mysql.org web site or get the RPM package that is part of your RedHat installa 


tion disk. For people running Snort on Microsoft Windows machines, it is better to get


the binary installable package. You can use the root database user to create the


snort database and grant needed privileges to the rr user.


The mysql client program is used to connect to the database server. You can use


any name for the Snort database and any name for the user to access this database. For


the purpose of this book, we are creating a database named  snort  and a user  rr 








footer






  


 


 


        

 


 

  

    

      
      
 Home 
      | About Us | Network 
      | Services | Support 
      | FAQ | Control Panel 
      | Order Online |
      Sitemap | Contact

      

      toronto web hosting

      
 

    

  

  




Our partners: 
PHP: Hypertext Preprocessor Cheap Web Hosting
JSP Web Hosting
Ontario Web Hosting 
Jsp Web Hosting 




Cheapest Web Hosting
Java Hosting
Cheapest Hosting



Visionwebhosting.net Business web hosting division of Vision Web Hosting Inc.. All rights reserved