[Snort-users] email notification scripts
edin.dizdarevic at ...7509...
Tue Jan 7 15:29:02 EST 2003
why don't you log localy, let barnyard log to the database and
logsurfer be your real time warning system? Do it IMHO the right
way from the very begininng. Probably the best (performance) setup.
No need for ugly DB-queries, no dropped packets at high load since
Snort cannot analyze while logging (is this right?), no fear to loose
alerts and Snort if MySQL is down... Enough reasons? ;)
Ryan Ordway wrote:
> I've recently moved from an alert logging based Snort system to a
> unfortunately.... maybe something to use as an example?
> Thanks muchly,
More information about the Snort-users