[Snort-users] General snort question

Alex Butcher, ISC/ISYS Alex.Butcher at ...11254...
Thu Sep 16 01:00:04 EDT 2004


--On 10 September 2004 16:07 -0400 Wendell Smith <wendels at ...12409...> 
wrote:

> I only found one reference to the word "sensor" in the entire Snort
> manual. I grep for "sensor" in the install/doc dir and I find only two
> instances of the word. Neither of which sheds any light on how to make 
use > of this mechanism.
>
> So...
>
> Could someone point me in the direction of some documentation about
> utilizing and deploying snort sensors that relay information to a
> central back-end server?

The usual way is to use the database output plugin, or one of the spool 
processors out there (i.e. barnyard, FLoP or mudpit) and a SQL database 
(MySQL and PostgreSQL are the usual choices).

> Wendell

Best Regards,
Alex.
-- 
Alex Butcher: Security & Integrity, Personal Computer Systems Group
Information Systems and Computing             GPG Key ID: F9B27DC9
GPG Fingerprint: D62A DD83 A0B8 D174 49C4 2849 832D 6C72 F9B2 7DC9






More information about the Snort-users mailing list