[Snort-users] Alert messages in packet dumps

Edin Dizdarevic edin.dizdarevic at ...7509...
Mon Apr 14 07:57:07 EDT 2003


Hi,

AFAIK the fastest logging is provided by the unified plugin, not
tcpdump.

Use Barnyard to log to other facilities and relieve Snort that way.

Regards,

Edin

Neil Dickey wrote:
> I solved my problem, described below in my post to the list last week,
> by abandoning the tcpdump format output.  I would have liked to use it
> because it is faster and more economical of space, but I never could
> get it to do what I wanted it to and thought it should.
> 
> Best regards,
> 
> Neil Dickey, Ph.D.
> Research Associate/Sysop
> Geology Department
> Northern Illinois University
> DeKalb, Illinois
> 60115
> 


-- 
Edin Dizdarevic




