Remember if you want database support, then SCROLL DOWN and get the other version on this page.

Details about this version:
latest version.

Backup your /etc/snort.conf (/boot/beos/etc/snort.conf) file and read the comments in RED in /etc/snort.conf

For more info see my Snort for BeOS How-To

Details about this version:
latest version.

You may have to update your database schema version if you already run snort. The current database schema version is 106.

To update it have a look at the schema table:
select * from schema;

If the value of vseq is less than 106 then you'll have to update it:
update schema set vseq=106 where vseq=105;

or if your vseq is 104, 103 or whatever change the above SQL.

If you have any problems send me an email.

FreeTDS is required and that is here http://www.bebits.com/app/2457 or with a nice name here: http://www.bebits.com/app/2889

Included in this zip file is a file called create_sybase which contains all of the SQL required to create the Sybase tables and indexes.

If you know Sybase or MS SQL Server then you'll know what to do with this file. If you run SQSH, open this file in StyleEdit, copy all, and paste it into SQSH.

So far it is running fine, so i am going to have to enable Sybase and Microsoft SQL Server support in SnortMonitor now..... ;-)

Snort Config/resource file
You will have to edit your .snortrc file or snort.conf file and add in this line:
output database: log, sybase, host=snort user=youruserid password=yourpassword dbname=snort sensor_name=tcp/ip_address_of_your_pc detail=full

The order of this is important because it will crash if you don't have it in the above order
Please email me any bugs.

Details about this version:
This is the first version of Snort which supports Sybase. There is already Microsoft SQL Server support, but not using FreeTDS, so this release is i guess a "landmark release" for Snort and FreeTDS :-)

• My Projects Page
• Official Snort Home Page
• OpenSSL
• PostgreSQL Home
• Snort for BeOS How-To
• Snort Monitor