[Snort-users] Barnyard and Snort output options

Kevin Brown Kevin.M.Brown at ...1022...
Wed Aug 14 09:52:06 EDT 2002


Currently I have our snort sensors using the alert output logging to a
centralized SQL db.  Lately we have been having problems with the network
due to power outages.  Snort stays running, but it stops sniffing traffic
while it waits to reconnect to the DB.  An employee in another department is
using snort and barnyard to output to multiple places.

What I'm wondering is do I have to run two instances of barnyard and enable
both the log and alert unified outputs to get what I seem to be currently
getting with just Alert logging to a DB in snort?




More information about the Snort-users mailing list