[Snort-sigs] Reading to MySQL

Joel Esler (jesler) jesler at ...3865...
Mon Oct 26 14:33:44 EDT 2015


Totally not the question asked.

--
Joel Esler
Manager, Talos Group




> On Oct 26, 2015, at 2:07 PM, Ryan <ryan at ...3929...> wrote:
> 
> Attached is a ruby script I wrote a while ago that watches your suricata
> unified log and transmits it to syslog. You could easily manipulate this
> into injecting into MySQL instead.
> 
> _R
> 
> On 10/26/15 1:00 PM, wkitty42 at ...3507... wrote:
>> On 10/26/2015 12:22 PM, Adonis Okpidi wrote:
>>> Please I was wondering what the process is to generate alerts to a MySQL database?
>> you have to configure snort to use unified logging as well as installing
>> barnyard2 to read the unified log and emit it to the database...
>> 
> 
> <unified_watcher.rb>
