[Snort-users] flags

Erek Adams erek at ...577...
Tue Jun 11 11:09:03 EDT 2002

On Sun, 9 Jun 2002, Brenda A. Bell wrote:

> Pardon me for lurking on the list, but I'm trying to learn as much about
> Snort as possible.

Lurking, eh?  Ok, 10 lashes with a wet noodle and 3 penalty drinks.  ;-)

> Also pardon what is probably a stupid question:  What is "barnyard"?
> Could you point me to an URL where I could "help myself"?  Thanks.




Ok, I couldn't resist.  ;-)

Barnyard is a seperate daemon process that runs on your snort sensor.  It's
job is to handle all of the connections from snort sensor back to the DB.
Currently, the way the DB output works, if the DB connection drops or fails,
snort stops logging.  Barnyard allows snort to log, and then post into the DB
even if there is a network problem.



Erek Adams

