Date: Sat, 13 Jul 2002 00:45:18 -0700 From: "Corey Snow" <corey@snowpoint.com> To: freeBSD-Questions <freebsd-questions@FreeBSD.ORG> Subject: Snort and unixODBC Message-ID: <3D2F781E.20803.C5A6213@localhost>
next in thread | raw e-mail | index | archive | help
Hey all- I've got a problem getting a Snort system up and running. I want to have Snort on my IDS log via the database output plugin to MSSQL server 2000. I've set up unixODBC, FreeTDS and Snort with the appropriate flags (at least I think I have). isql lets me connect to my Snort database on the SQL server just fine and execute queries. The problem occurs when I start Snort- first it attempts to locate the sensor ID by executing a query for it, which returns a rowcount of 0. Then it runs an INSERT, which succeeds- the sql.log shows this. Next it tries to run the SELECT again looking for the sensor ID, but fails. /tmp/sql.log indicates a SQL_ERROR occured at SQLExecute.c line 328, but that's just the line that saves the logging data. What's really irritating is that I can execute the exact same query via isql with no problems. Has anyone seen this behavior before? Google turned up a few hits on this issue, but only one person with a similar configuration and his question was never answered. I've been browsing the sources for a few hours now and while I'm much more familiar with the inner workings of FreeTDS and unixODBC, I'm no closer to an answer. Thanks, Corey Snow To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3D2F781E.20803.C5A6213>