[Snort-users] Quick Barnyard Question Newbie
sknoch at ...7864...
Tue Jul 15 07:59:49 EDT 2003
Do I have to run 2 instances of barnyard to check both snort.alert and snort.log files? I am currently using two input processor dp_log and dp_alert. I then have 2 acid_db output plugins to log both alerts and logs to my MySQL db. My startup script is
barnyard -D -w /*/barn.waldo -c /*/barnyard.conf -d /*/snort -g /*/gen-msg.map -s /*/sid-msg.map.
Will this read both unified output files? or did I miss a setting along the way? Is this the best way to do this?
Thanks in Advance,
More information about the Snort-users