[Snort-users] Archiving Snort logs

Joel Esler jesler at ...1935...
Tue Feb 23 10:07:52 EST 2010

On Feb 23, 2010, at 5:21 AM, firnsy wrote:

> On Tue, 2010-02-23 at 08:47 +0000, Sharma, Ashish wrote:
>> Here I want to know, Is the ‘Barnyard2’ also cleaning up the snort
>> logs?
> No, it doesn't. Barnyard2 is only parsing the snort unified log files.

Although you could save the unified files and read them back into the db at a later time if you wanted to with barnyard2.  As for cleaning up the DB, I think there is a script that can clean up the db.

If you Google "snort db cleanup" many sites come up, however, this one popped out at me.  Might give it a shot.


Joel Esler

More information about the Snort-users mailing list