[Snort-users] output plugins barnyard2
deeplamabam at ...11827...
Wed Dec 16 02:27:58 EST 2009
Thank you all for your assistance so far.
I am using snort with barnyard2. What I want to do is:
1 log events to mysql database (works fine !!)
2 log alerts to a file in /var/log/snort/<alert filename> (works fine !!);
I am using this file with snort_stat.pl, and lastly
*3 log the whole packet to a file in /var/log/snort/<filename>, so that I can
use it with wireshark. (NOT WORKING !! )*
1 and 2 have been configured in the barnyard2.conf file as:
a) output alert_fast: /var/log/snort/<alert filename> and
b) output database: alert, mysql, user=snort password=password dbname=snort
*c) using output log_tcpdump in barnyard2.conf for step 3 doesn't help,
since it logs only raw data and not protocol information!!*
I would greatly appreciate it if someone could help me get past step 3 !!