[Snort-users] postgres database module oddities...

Jim Burnes jburnes at ...75...
Thu Aug 24 11:24:46 EDT 2000


On Wed, 23 Aug 2000, Jed Pickel wrote:

> > I'm using snort-1.6.3 and postgres-7.0.2.  I have one backend
> > database machine and several sensors.  event insertion into the
> > database works pretty well except for one glaring problem..  No
> > Packet Body!
> 
> This issue is addressed in the latest development version. I actually
> committed that code to CVS earlier today. How is that for timing. ;) In
> addition to payload the plugin now supports logging:
> 
>   * all tcp, udp, and icmp fields
>   * all tcp and ip options
>   * payload in either base64 or ascii


Can anyone comment on the relative benefits under snort of the
benefits of mysql vs postgresql?

I've heard that postgresql wins out for multiple reasons, but
I'd like to do a survey.

jim burnes





More information about the Snort-users mailing list