[Snort-sigs] Snort Alert Mysql Query

Rob MacGregor rob.macgregor at ...2420...
Mon Feb 15 10:44:41 EST 2016


On Mon, Feb 15, 2016 at 3:38 PM ARUN LAL <arunlal7701 at ...2420...> wrote:

> Hi Rob,
>
> Thanks i understand the sid and cid. The "cid" values is get changed it
> depend on the number of event.
>
> Could you please assist me to configure each snort alerts to a central
> database and we need to view all the alerts of the snort servers in one
> snorby server.
>

1) If you go read the barnyard2 documentation I'm sure you'll find the
information you're after
2) Maybe the hand-holding Security Onion provides is something you'd find
helpful?

As you're unwilling to keep this on the mailing list, despite my asking you
to, this is the last response you'll get from me on this thread ;)
-- 
Rob MacGregor
      Whoever fights monsters should see to it that in the process he
        doesn't become a monster.                  Friedrich Nietzsche
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-sigs/attachments/20160215/88dffb5d/attachment.html>


More information about the Snort-sigs mailing list