[Snort-users] Mult snort instances and portscan logging

Andrew R. Baker andrewb at ...950...
Thu Oct 25 12:44:06 EDT 2001


Comments inline.

> Stephen Shepherd wrote:
> 
> Questions [about portscan logs]:
> Will barnyard collect this data together as well as Alert data?

Barnyard does not support reading the portscan logs at this time.  There
is work being done on an updated portscan detector that will output data
capable of being read by barnyard.

> 
> BTW any idea when Barnyard will support Microsoft SQL?  I would be
> more than happy to help test that.  Implementing Barnyard is the next
> big step in my IDS project.

Postgres support is currently being worked on for the barnyard database
output plugin.  MS SQL support will be included in the future, but that
may take some time.

-A




More information about the Snort-users mailing list