0

Trying to setup Snorby for Snort with PostgreSQL on Mac OS X 10.10.2 (Yosemite)

  • Snort 2.9.7.2 GRE (Build 177)
  • PostgreSQL 9.4.1
  • ruby 1.9.3p551 (2014-11-13 revision 48407) [x86_64-darwin14.1.0]

Here is what happens when I attempt to install it. What’s wrong? Any ideas?

$ sudo gem install dm-postgres-adapter
Successfully installed dm-postgres-adapter-1.2.0
1 gem installed

$ sudo bundle exec rake snorby:setup
No time_zone specified in snorby_config.yml; detected time_zone:
America/Chicago
rake aborted!
*cannot load such file -- dm-postgres-adapter*
Tasks: TOP => snorby:setup => environment
(See full trace by running task with --trace)
Giacomo1968
  • 53,069
  • 19
  • 162
  • 212
drew1kun
  • 2,088
  • 7
  • 41
  • 59
  • [This thread suggests Snorby does not work with PostgreSQL](http://sourceforge.net/p/snort/mailman/message/32813997/), so it seems like MySQL is the “solution.” But then again, Snorby does claim to be able to work with PostgreSQL. – Giacomo1968 Mar 31 '15 at 02:14
  • Does that mean that snort database should also be in mySQL? – drew1kun Mar 31 '15 at 02:19
  • I assume so. No expert on this tool, but it all points to MySQL being the solution. – Giacomo1968 Mar 31 '15 at 02:42
  • well if my snort database in Postgres, but snorby's in mysql will it work then? And why everyone says that Snorby works with Postgres, but no any single guide how to do so?! – drew1kun Mar 31 '15 at 02:58
  • Like I said, I am no expert on this tool and just providing a link for you in an effort to help. That said, I cannot debate this stuff since I don’t know anymore than I posted. I wish you the best of luck in solving this issue. – Giacomo1968 Mar 31 '15 at 03:01

1 Answers1

0

Well I've added gem 'dm-postgres-adapter', DM_VERSION to the Gemfile but it didn't help. People on github say that original snorby isn't working with postgresql... Some say there are a few forks which are kinda postgres-compatible, but I didn't find them ((((

drew1kun
  • 2,088
  • 7
  • 41
  • 59