[Snort-sigs] [Snort-users] Doubts

wkitty42 at ...3507... wkitty42 at ...3507...
Tue Feb 16 16:59:16 EST 2016


On 02/11/2016 12:18 PM, ARUN LAL wrote:
> Hi
>
> Could you please explain the 4th and 5th steps in detail?
>
> ---------------------------------------
> 4. configure each snort with a specific identifier to keep alerts separated
> by sensor in the central database. (see the -G and -logid command line
> parameters)

http://manual-snort-org.s3-website-us-east-1.amazonaws.com/node11.html#SECTION00294000000000000000

> 5. configure each tool like barnyard2 to gather the alerts and insert them
> into the central database.

i don't understand the question... each snort sensor has a barnyard2 
installation, right? each barnyard2 will /push/ the alerts to the central 
database where your monitoring takes place...

-- 
  NOTE: No off-list assistance is given without prior approval.
        *Please keep mailing list traffic on the list* unless
        private contact is specifically requested and granted.




More information about the Snort-sigs mailing list