[Snort-users] Mult snort instances and portscan logging
drew600_1999 at ...131...
Thu Oct 25 11:06:09 EDT 2001
I am running 3 instances of Snort(under Win2k) and I would like to
consolidate the portscan logs. Since ACID will only let me reference one
file for Portscan data I would like to have the portscan logs combined. I
assume it would not be wise to write to the same log from all three
Will barnyard collect this data together as well as Alert data?
Could I just concatenate them and reference the combined file in ACID, or do
the entries need to be in chronological order?
BTW any idea when Barnyard will support Microsoft SQL? I would be more than
happy to help test that. Implementing Barnyard is the next big step in my
Thanks in advance.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users