https://community.splunk.com/t5/All-Apps-and-Add-ons/Winids-Snort/m-p/60397#M3617 <P>Hi, I have a IDS system running snort on WINIDS (Win7). How do I get splunk to connect and collect info ?</P> Mon, 30 Jan 2012 13:01:16 GMT pcarron 2012-01-30T13:01:16Z https://community.splunk.com/t5/All-Apps-and-Add-ons/Winids-Snort/m-p/60397#M3617 <P>Hi, I have a IDS system running snort on WINIDS (Win7). How do I get splunk to connect and collect info ?</P> Mon, 30 Jan 2012 13:01:16 GMT https://community.splunk.com/t5/All-Apps-and-Add-ons/Winids-Snort/m-p/60397#M3617 pcarron 2012-01-30T13:01:16Z https://community.splunk.com/t5/All-Apps-and-Add-ons/Winids-Snort/m-p/60398#M3618 <P>I have no experience with WINIDS myself, but looking at the information pages it seems it comes preconfigured with Snort logging to a local MySQL database. In order to have Splunk read it, you will need to configure to log either to a file or via syslog (I found instructions on the latter here: <A href="http://www.winsnort.com/index.php?module=Pages&amp;func=display&amp;pageid=21">http://www.winsnort.com/index.php?module=Pages&amp;func=display&amp;pageid=21</A>). Reading events from a MySQL database is not supported, mostly because of the lack of a unified way to query databases from Splunk.</P> Mon, 30 Jan 2012 13:51:59 GMT https://community.splunk.com/t5/All-Apps-and-Add-ons/Winids-Snort/m-p/60398#M3618 Ayn 2012-01-30T13:51:59Z