[Snort-users] More than one output module

Joshua Berry jberry at ...11848...
Thu Jul 15 09:11:14 EDT 2004


Maybe you are just overloading snort.  DB logging causes intensive CPU
by itself but doing it to two different DB's and also Syslog will
probably slow Snort down enough to miss things.
 
-----Original Message-----
From: snort-users-admin at lists.sourceforge.net
[mailto:snort-users-admin at lists.sourceforge.net] On Behalf Of Esler,
Joel - Contractor
Sent: Thursday, July 15, 2004 9:58 AM
To: snort-users at lists.sourceforge.net
Subject: [Snort-users] More than one output module
 
Has anyone experianced any problems with outputting to more than one
output module?  Is there a reason for it? Does the order matter?
 
I have Snort logging to mysql, oracle, and syslog.  But it seems when
syslog is turned, occasionally an alert will be missed in the db?
 
J
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20040715/121aa579/attachment.html>


More information about the Snort-users mailing list