[Snort-users] Barnyard's explained

sekure sekure at ...11827...
Tue Jul 20 19:43:02 EDT 2004


Barnyard takes that unified log file, which by itself does you no good
since it's in binary format and you can't read it, and processes it,
outputting the alerts to a variety of devices, be it regular text
files, syslog or databases.



----- Original Message -----
From: Tom Fulton <tfulton9909 at ...5068...>
Date: Tue, 20 Jul 2004 19:33:22 -0700
Subject: [Snort-users] Barnyard's explained
To: snort-users at lists.sourceforge.net

Can someone explain what the benefit is of using Barnyard?




I understand that the unified output plug-in allows Snort to write
alerts and logs into a single binary file which frees up processing
from the detection engine (as opposed to writing to a flat file, etc.)
so that Snort runs faster overall. However, Snort does that by
itself. I'm not clear on what value Barnyard adds to this.



thanks



