[Snort-users] db logging

Greg Sarsons gsarsons at ...530...
Sat Oct 27 14:01:02 EDT 2001


Grabbed the daily.tar.gz and built snort without a problem.
Now I'm going to replay back some traffic I captured previously and put
it into a mysql database.

All I really want is to look at the data in the dbase and am not too
concerned about looking for intrusion detection.  So other than the
logging rules I can just disable the rules right?

Which database scheme is in the latest daily snapshot?  Should have
looked while I was at home!

This is going to take a while to put into the database isn't it?  The
file is 19Gig in size.

Greg







More information about the Snort-users mailing list