
Snort Forums Archive


MS SQL, unixODBC, and freetds


Posted by jvhaysx on March 22, 2005 08:24:16

Does anyone have a link to a detailed cookbook (or even a few clear hints) on getting Snort to log to MS SQL?

Snort is currently humming along on Linux and logging to MySQL but I have been tasked to get Snort to log to MS SQL instead (don't ask - not my idea). Evidently this unpleasant task can be accomplished but documentation is a bit thin. README.database and Roman Danyliw's web pages both point to unixODBC but the unixODBC documentation barely mentions odbc.ini and odbcinst.ini in passing. I did find some odbc.ini examples on the Web. However, the unixODBC 'isql' utility gives me "[ISQL]ERROR: Could not SQLConnect". If anyone has any troubleshooting tips to share I'd appreciate it.

Web examples of odbc.ini and other puzzle pieces lead me to believe I will need to add freeTDS to the mix in order to talk with the MSSQL DB. True/False?

Thanks. - Jonathan

[BTW, an MS SQL 'expert' has created the MS SQL database using the create_mssql script I gave her and has provided me with login credentials so presumably all is well at the remote MS SQL DB server end.]

Posted by jvhaysx on March 23, 2005 12:17:11

I did manage to get this working - I should say I can connect to the MS SQL database via the isql command on the Linux-based Snort box.

There are three key config files: odbc.ini, odbcinst.ini, and freetds.conf that work together.

There is actually plenty of good documentation on www.unixodbc.org and www.freetds.org but no up-to-date cookbook. You just have to read through the docs and try stuff.
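
Added example, not part of the original thread: a small Python check of how the three files named above reference each other, which is a common place for a DSN to break before `isql` can connect. The DSN name, server alias, host name and library path are constructed placeholders, and section names are compared case-insensitively as a choice of this example.

```python
import configparser

# Constructed sample files: DSN name, server alias, host and library path are placeholders.
ODBCINST_INI = """
[FreeTDS]
Description = FreeTDS ODBC driver
Driver = /usr/lib/libtdsodbc.so
"""
ODBC_INI = """
[snortdb]
Driver = FreeTDS
Servername = mssql01
Database = snort
"""
FREETDS_CONF = """
[mssql01]
host = sqlserver.example.internal
port = 1433
tds version = 7.0
"""

def parse(text):
    """Parse INI text into {section: {key: value}}, all names lower-cased."""
    cp = configparser.ConfigParser(interpolation=None, delimiters=("=",))
    cp.read_string(text)
    return {s.lower(): dict(cp[s]) for s in cp.sections()}

def check_dsn(dsn, odbc_ini, odbcinst_ini, freetds_conf):
    """Return the broken links in the DSN -> driver -> server chain ([] if none)."""
    odbc, inst, tds = parse(odbc_ini), parse(odbcinst_ini), parse(freetds_conf)
    entry = odbc.get(dsn.lower())
    if entry is None:
        return [f"odbc.ini: no [{dsn}] section"]
    problems = []
    driver = entry.get("driver", "")
    # Driver is either a path to the library or a section name in odbcinst.ini.
    if not driver.startswith("/"):
        if driver.lower() not in inst:
            problems.append(f"odbcinst.ini: no [{driver}] section")
        elif "driver" not in inst[driver.lower()]:
            problems.append(f"odbcinst.ini: [{driver}] has no Driver line")
    # Servername points at a section in freetds.conf; Server is a host name.
    alias = entry.get("servername")
    if alias is None:
        if "server" not in entry:
            problems.append(f"odbc.ini: [{dsn}] sets neither Servername nor Server")
    elif "host" not in tds.get(alias.lower(), {}):
        problems.append(f"freetds.conf: no [{alias}] section with a host line")
    return problems
```

To run it against a real system, read the contents of the three files into strings and pass them to `check_dsn` with the DSN name given to `isql`.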