[Snort-users] Fwd: Snort not righting to DB

Louis Bohm lbohm at ...14154...
Wed Jun 20 11:18:19 EDT 2007


I am having a bad typing day.....

So now that I have barnyard running and snort (supposedly) writing to:
	output alert_unified: filename snort.alert, limit 256
	output log_unified: filename snort.log, limit 256

I have 4 interfaces on this machine.  One to communicate to it and 3 in
passive mode.  Snort is writing to
/var/log/snort/{interface}/snort.log.{some number}.  Is barnyard smart
enough to look into all the interface directories and read the
snort.log file?  Or do I need to do something different?

Lastly, is Barnyard the best tool for loading the data into the
database or would something like Syslog-NG be better?

Louis

~~
-------------------------------------
Louis Bohm
Network Administrator
Adnexus Therapeutics
781.209.2324
-------------------------------------

-----Original Message-----
From: Dirk Geschke [mailto:dirk at ...10648...] 
Sent: Wednesday, June 20, 2007 11:02 AM
To: Louis Bohm
Cc: snort-users at lists.sourceforge.net
Subject: Re: [Snort-users] Fwd: Snort not righting to DB

Hi Louis

>  output log_aciddb: mysql, sensor_id 1, database snortDB, server
> localhost, user snortuser, password XXXXX, detail full

there is a typo, it must be "log_acid_db"...

Best regards

Dirk
