Thread: [Secureideas-base-user] problems with BASE
Brought to you by:
secureideas,
sinukas
From: Shahin A. <sha...@ve...> - 2010-01-03 05:16:49
|
Greetings- Just fyi, an upgrade to snort-2.8.5.2 fixed the issue described below: I need some help figuring out why I see events from snort populate the mysql DB, but BASE populated events are empty. I have check the base_conf.php a number of times. I also went through the readme document that comes with Base-1.4.4 and set the DB permissions again. has anyone else run into this issue? mysql> select count(*) from acid_event; +----------+ | count(*) | +----------+ | 0 | +----------+ 1 row in set (0.00 sec) mysql> select count(*) from event; +----------+ | count(*) | +----------+ | 888 | +----------+ 1 row in set (0.00 sec) *********************************************** Thanks to this thread: http://www.mcabee.org/lists/snort-users/Apr-09/msg00082.html I tried the patch stated here with the 2.8.4 version but no go:-( http://www.mcabee.org/lists/snort-users/Apr-09/msg00096.html I also upgraded BASE. But at the end, the issue was the version of snort. Seems both 2.8.3 and 2.8.4 had this issue. I believe I did upgrade snort first when I started troubleshooting. Tough problem. |