[Snort-users] SQL ALert Logging
SWilcoxen at ...9020...
Thu May 1 08:13:31 EDT 2003
I was wondering if it is possible to setup multiple ruletypes and have
them log to different databases. I was going to take all my
"non-critical" alerts and put them into a separate database. I was
under the impression I could do this with alert groups in Acid, but when
I setup an Alert Group in acid and add alerts to it, future alerts don't
end up in the group. I'd rather keep them in the database as I can view
them remotely though Acid, of course with two databases I'd have to
setup to Acid directories on my web server...Anyone have any input on
Scott S Wilcoxen
Macfadden & Associates, Inc.
Email: Swilcoxen at macf dot com
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users