[Snort-users] General questions

SkatFiend at ...661... SkatFiend at ...661...
Mon Feb 18 11:29:08 EST 2002


The ARIS extractor uses the alert.ids and can also use the portscan.log text files to send info to security focus and is completely separate from mysql. You would simply need to write snort output to both the mysql database and the alert.ids files.

Yes, ACID is more or less real time, depending on your configuration/system delay time.

Cliff

1. I want to make snort log into mysqldatabase. How then I will represent the results from the database, should I use ACID, is it a real-time tool?
 
2.Can I use aris extractor to take entries from mysql database in send it to security focus to their console?
 
thx. 




More information about the Snort-users mailing list