Jonesie26
Programmer
- Apr 16, 2009
- 1
Hi,
I have a Snort IDS detecting bad traffic going through a server. So far the alerts are saved to a MySQL database on the same machine and also syslog messages are generated.
I have a perl script which performs some actions when a new alert is generated. The problem I have is that I don't know how to run the script every time an alert is logged. At the moment it is constantly querying the DB which is a waste of resources.
The ideal solution would be something that monitors MySQL or syslog traffic on the local host and then runs the script.
So far I have tried to use a socket connection to listen on port 3306 (MySQL) but since this port is being used its not allowed.
Any help would be most appreciated!
Cheers,
Jonesie
I have a Snort IDS detecting bad traffic going through a server. So far the alerts are saved to a MySQL database on the same machine and also syslog messages are generated.
I have a perl script which performs some actions when a new alert is generated. The problem I have is that I don't know how to run the script every time an alert is logged. At the moment it is constantly querying the DB which is a waste of resources.
The ideal solution would be something that monitors MySQL or syslog traffic on the local host and then runs the script.
So far I have tried to use a socket connection to listen on port 3306 (MySQL) but since this port is being used its not allowed.
Any help would be most appreciated!
Cheers,
Jonesie
erlDesignPatterns)[/small]