[Snort-users] Re: [Barnyard-users] Barnyard alert_fast and log_dump question ...

Bamm Visscher bamm at ...539...
Tue Oct 5 06:13:37 EDT 2004


I've heard rumors that the unified output format and/or barnyard will be revamped some. Is there some reason you can't just run two instances of barnyard (one to watch unified alert and output to alert_fast. And another to watch unified log and ouput to DB)?

Bammkkkk

On Mon, Oct 04, 2004 at 09:05:17PM -0600, Sam Evans wrote:
> Thanks for the reply .. 
> 
> Do you know if this type of functionality will be added into future
> updates of Barnyard?  I could probably hack something together, but
> would rather have something more official as my C skills are quite
> weak.
> 
> Thanks again,
> Sam
> 
> 
> 




More information about the Snort-users mailing list