[Snort-sigs] [Snort-users] Doubts

wkitty42 at ...3507... wkitty42 at ...3507...
Tue Feb 16 16:59:16 EST 2016

On 02/11/2016 12:18 PM, ARUN LAL wrote:
> Hi
> Could you please explain the 4th and 5th steps in detail?
> ---------------------------------------
> 4. configure each snort with a specific identifier to keep alerts separated
> by sensor in the central database. (see the -G and -logid command line
> parameters)


> 5. configure each tool like barnyard2 to gather the alerts and insert them
> into the central database.

i don't understand the question... each snort sensor has a barnyard2 
installation, right? each barnyard2 will /push/ the alerts to the central 
database where your monitoring takes place...

  NOTE: No off-list assistance is given without prior approval.
        *Please keep mailing list traffic on the list* unless
        private contact is specifically requested and granted.

More information about the Snort-sigs mailing list