To quote Jed Pickel in the document found at:
         http://www.incident.org/snortdb/

<quote>
The database schema is going to grow and improve over time. Keep this in
mind as you develop applications based on this schema.

The fields ip_src1, ip_src2, ip_src3, ip_src4, ip_dst1, ip_dst2, ip_dst3,
ip_dst4 are going to be removed in the next major release of the database
schema after snort 1.7 is released; therefore, you will need to use the
fields ip_src and ip_dst to obtain IP information. Info on the best ways
to do this will be posted here when I get around to it.

To normalize the database schema I plan to make a table called signature
that has an integer and a text string. The signature field in the event
table will then be replaced by a reference number to this signature table.
</quote>

Hope this helps.

-Blake

=================================================================
The Government, like diapers, should be replaced regularly, and
often for the same reasons.

On Fri, 22 Jun 2001, Dan Fiorito wrote:

> Hi all:
>
> just built snort 1.8 beta 6 from CVS, is the new DB Schema (103) compatible
> with acid 6b9?
>
> I get the following error when I try to look at any data.
>
>
> Query execution error:
> Database ERROR:Unknown column 'ip_src0' in 'field list'
>
>
>
> Thanks,
> Dan
>

_______________________________________________
Snort-users mailing list
Snort-userslists.sourceforge.net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]