[Snort-users] RE: Network Behaviour Anomoly Detection

sekure sekure at ...11827...
Wed Jul 14 09:15:53 EDT 2004


On Tue, 13 Jul 2004 14:55:38 -0400, Martin Roesch <roesch at ...1935...> wrote:
> The binary format can be read by barnyard (file "snort-unified.stats")
> which would work great for a post-processed anomaly detector if you
> wanted near real-time performance.  

Barnyard 0.2.0 had no idea what to do with the unified file.  It
mentioned something about unknown input filter.  Has anyone been able
to process a unified output from stream4 with barnyard?  Care to share
your config?




More information about the Snort-users mailing list