[Snort-users] email notification scripts

Edin Dizdarevic edin.dizdarevic at ...7509...
Tue Jan 7 15:29:02 EST 2003


Hi Ryan,

why don't you log localy, let barnyard log to the database and
logsurfer be your real time warning system? Do it IMHO the right
way from the very begininng. Probably the best (performance) setup.
No need for ugly DB-queries, no dropped packets at high load since
Snort cannot analyze while logging (is this right?), no fear to loose
alerts and Snort if MySQL is down... Enough reasons? ;)

Ryan Ordway wrote:
> 	I've recently moved from an alert logging based Snort system to a
[...]
> unfortunately.... maybe something to use as an example?
> 
> 	Thanks muchly,
> 
> 	Ryan

Regards,

Edin_

-- 
Edin Dizdarevic







More information about the Snort-users mailing list