Agora vamos configurar o MySQL para armazenar os logs do SNORT.

# mysql

mysql> SET PASSWORD FOR root@localhost=PASSWORD('banco');
Query OK, 0 rows affected (0.00 sec)

mysql> create database snort;
Query OK, 1 row affected (0.03 sec)

mysql> grant INSERT,SELECT on root.* to snort@localhost;
Query OK, 0 rows affected (0.00 sec)

mysql> SET PASSWORD FOR snort@localhost=PASSWORD('snort');
Query OK, 0 rows affected (0.00 sec)

mysql> grant CREATE,INSERT,SELECT,DELETE,UPDATE on snort.* to snort@localhost;
Query OK, 0 rows affected (0.00 sec)

mysql> grant CREATE,INSERT,SELECT,DELETE,UPDATE on snort.* to snort;
Query OK, 0 rows affected (0.00 sec)

mysql> exit
Bye

Vamos executar o script de criação das tabelas do nosso banco:

# mysql -u root -p < /etc/installsnort/snort-2.6.1.4/schemas/create_mysql snort
Enter password: senha do root do MySQL

Vamos testar se tudo foi criado corretamente:

# mysql -p
Enter password:

mysql> SHOW DATABASES;

+----------+
| Database |
+----------+
| mysql    |
| snort    |
| test     |
+----------+
3 rows in set (0.00 sec)

mysql> use snort
Database changed
mysql> SHOW TABLES;

+------------------+
| Tables_in_snort  |
+------------------+
| data             |
| detail           |
| encoding         |
| event            |
| icmphdr          |
| iphdr            |
| opt              |
| reference        |
| reference_system |
| schema           |
| sensor           |
| sig_class        |
| sig_reference    |
| signature        |
| tcphdr           |
| udphdr           |
+------------------+
16 rows in set (0.00 sec)

mysql> exit
Bye

OK, o banco está preparado para o SNORT!