0
I installed Snort on windows 7, and added all the rules and everything works fine for me.
The thing that I want to add, is to save alerts in mysql database, in my case, in some tutorials that I found online this one which says that we can change "snort.conf" by modifying the database line:
# syslog
# output alert_syslog: LOG_AUTH LOG_ALERT
# pcap
# output log_tcpdump: tcpdump.log
# database
# output database: alert, <db_type>, user=<username> password=<password> test dbname=<name> host=<hostname>
# output database: log, <db_type>, user=<username> password=<password> test dbname=<name> host=<hostname>
The problem is, that I don't actually have this configuration line of the database in snort.conf.
So should I add it manually, and create the MySQL database.