FLoP - 1.6.0: Fast Logging Project for Snort
Prev	Chapter 7. The program getpacket	Next

7.3. The configuration file of getpacket

The getpacket keywords in detail

DBuser: name: Specifies the name of the database user who is allowed to do SELECTs of the tables. The default is snort.
DBpassword: password: Specifies the password used among with the DBuser name to connect to the database. Note: An empty password has to be represented by empty quotes, which is the default.
DBname: name: Name of the database where getpacket should select the alert packet data, defaults to snort.
DBtype: name: Type of the database to use. Actually only MySQL and Postgres are supported and have to be enabled at compile time of servsock. No default is set since it is not clear which database support was enabled at compile time of servsock.
SocketName: socketname: This specifies where to find the unix domain socket of the database. If the word NULL (all capital!) is given, the database libraries find the socket by their own mechanism. This is useful in combination with the PostgreSQL database.

If the servsock.conf file is used then only the necessary keywords are used. All other options are ignored and a warning is printed to stderr.

Prev	Home	Next
The command line options of getpacket	Up	Some final notes on getpacket