For those of you that originally compiled Snort like:
Or, if you look in your snort.conf and your "output" lines look like this:
output database: alert
output database: log
Our recommendation is that, after you upgrade to Snort 220.127.116.11, you move to full unified2 logging and use barnyard2 to read those unified2 files and load them into your MySQL database.
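One way to check whether a sensor's snort.conf still needs this migration, as an added example that is not part of the original post. The function names, the sample configs and the `filename snort.u2, limit 128` values are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: audit a snort.conf for direct database output.

# Print active (uncommented) "output database:" directives with line numbers.
db_output_lines() {
    grep -nE '^[[:space:]]*output[[:space:]]+database[[:space:]]*:' "$1"
}

# Succeed if the file has an active "output unified2:" directive.
has_unified2() {
    grep -qE '^[[:space:]]*output[[:space:]]+unified2[[:space:]]*:' "$1"
}

# Classify a config: "migrate" (still writes to the database directly),
# "ready" (unified2 only), or "no-output" (neither directive is active).
migration_status() {
    if db_output_lines "$1" >/dev/null; then
        echo migrate
    elif has_unified2 "$1"; then
        echo ready
    else
        echo no-output
    fi
}

# Constructed sample configs (not taken from a real sensor).
make_samples() {
    dir=$(mktemp -d)
    cat > "$dir/old.conf" <<'EOF'
# output unified2: filename snort.u2, limit 128
output database: alert
  output database: log
EOF
    cat > "$dir/new.conf" <<'EOF'
# output database: alert
output unified2: filename snort.u2, limit 128
EOF
    echo "$dir"
}

SAMPLES=$(make_samples)
for f in "$SAMPLES/old.conf" "$SAMPLES/new.conf"; do
    printf '%s: %s\n' "$f" "$(migration_status "$f")"
    # List each directive that has to move out of snort.conf.
    db_output_lines "$f" | sed 's/^/  move to barnyard2 -> /' || true
done
```

Every line reported as `move to barnyard2` is a directive to remove from snort.conf once an `output unified2:` line is active and barnyard2 is handling the database writes.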
You can find more information about barnyard2 here:
As always, questions can be asked on the Snort mailing lists. Thank you!