[Snort-users] General snort question
Alex Butcher, ISC/ISYS
Alex.Butcher at ...11254...
Thu Sep 16 01:00:04 EDT 2004
--On 10 September 2004 16:07 -0400 Wendell Smith <wendels at ...12409...>
> I only found one reference to the word "sensor" in the entire Snort
> manual. I grep for "sensor" in the install/doc dir and I find only two
> instances of the word. Neither of which sheds any light on how to make
use > of this mechanism.
> Could someone point me in the direction of some documentation about
> utilizing and deploying snort sensors that relay information to a
> central back-end server?
The usual way is to use the database output plugin, or one of the spool
processors out there (i.e. barnyard, FLoP or mudpit) and a SQL database
(MySQL and PostgreSQL are the usual choices).
Alex Butcher: Security & Integrity, Personal Computer Systems Group
Information Systems and Computing GPG Key ID: F9B27DC9
GPG Fingerprint: D62A DD83 A0B8 D174 49C4 2849 832D 6C72 F9B2 7DC9
More information about the Snort-users