[Snort-users] barnyard question

Chris Green cmg at ...671...
Tue Nov 6 07:57:02 EST 2001


Greg Sarsons <gsarsons at ...3971...> writes:

> I just finished dumping a snort binary dump file to a mysql database
> using log and creating a rule that put everything to the database ie 
>
> ip any any -> any any
>
> This took 3 days to put about 12hours of traffic into the database.
> (the dump file is over 10Gigs)
>
> I was wondering if I will get any kinda of improvement if I use Barnyard
> to do this?

You shouldn't.   Barnyard was designed to do basically the same thing
you are doing and breaking the possibly slow insertion from the actual
capture.
-- 
Chris Green <cmg at ...671...>
Laugh and the world laughs with you, snore and you sleep alone.




More information about the Snort-users mailing list