[Snort-users] logging with priority

Andrew R. Baker andrewb at ...1935...
Fri Oct 25 09:16:02 EDT 2002


Hubert Karlch wrote:
> Hello,
> I am using snort 1.9.0 with unified output for logs and alerts. With
> barnyard rc3 I log into a MySQL-DB. I am using ACID for analyzing.
> 
> ACID doesnt support priorities. Is it possible, to configure barnyard to log
> alerts with different priorities in different databases? I have tried to
> create a filter (config filter: priority 1), but without any effect.
> 
> Any ideas to solve this problem?

There is no current way to log events based on priority (neither in 
Snort nor Barnyard).  This functionality will probably get added 
sometime in the future.

-A





More information about the Snort-users mailing list