[Snort-users] Re: [Barnyard-users] Barnyard alert_fast and log_dump question ...
bamm at ...539...
Tue Oct 5 06:13:37 EDT 2004
I've heard rumors that the unified output format and/or barnyard will be revamped some. Is there some reason you can't just run two instances of barnyard (one to watch unified alert and output to alert_fast. And another to watch unified log and ouput to DB)?
On Mon, Oct 04, 2004 at 09:05:17PM -0600, Sam Evans wrote:
> Thanks for the reply ..
> Do you know if this type of functionality will be added into future
> updates of Barnyard? I could probably hack something together, but
> would rather have something more official as my C skills are quite
> Thanks again,
More information about the Snort-users