[Snort-users] SQL Alert Logging

Wilcoxen, Scott SWilcoxen at ...9020...
Thu May 1 08:13:31 EDT 2003


I was wondering if it is possible to set up multiple ruletypes and have
them log to different databases.  I was going to take all my
"non-critical" alerts and put them into a separate database.  I was
under the impression I could do this with alert groups in Acid, but when
I set up an Alert Group in Acid and add alerts to it, future alerts don't
end up in the group.  I'd rather keep them in the database as I can view
them remotely through Acid, of course with two databases I'd have to
set up two Acid directories on my web server... Anyone have any input on
this?

Scott S Wilcoxen
Macfadden & Associates, Inc.
Email: Swilcoxen at macf dot com
www.macf.com