[Snort-users] How to get barnyard to read both log and alert

Basselgia, Barry A Mr (NAF Atsugi) BABasselgia at ...12104...
Mon Nov 22 17:30:01 EST 2004


If I understand it correctly, you don't need to have both the log and alert
files processed.

The log file contains all the information in the alert file plus additional
details.  So if you have it process your log file you should have all the
information.

I'm using the following in my barnyard configuration file:

output log_acid_db: mysql, database snort-db, server localhost, user snort-user, password xxxxxxx, detail full

I use ACID, BASE, and Open Aanval as frontends to my snort-db and can see
everything.

Barry



-----Original Message-----
From: snort-users-admin at lists.sourceforge.net [mailto:snort-users-admin at lists.sourceforge.net] On Behalf Of Russell Fulton
Sent: Tuesday, November 23, 2004 9:42 AM
To: snort-users at lists.sourceforge.net
Subject: [Snort-users] How to get barnyard to read both log and alert file?


Hi Folks,
I am trying to use barnyard to pick up my unified output alert and log
files and send them to a mysql database.  I can get it to do one or the
other but not both.

How can I get barnyard to merge the info from these two files and feed
it to my mysql database?

-- 
Russell Fulton, Information Security Officer, The University of Auckland
New Zealand


