[Snort-users] Snort and multiple logging

Eoin Miller eoin.miller at ...14586...
Wed Oct 6 11:57:13 EDT 2010


  On 10/6/2010 5:48 PM, egoitz at ...14994... wrote:
> Hi all,
>
> But I needed to generate file logs in order to OSSEC to be configured to
> read it and doing active responses... (OSSEC AFAIK doesn't read from
> mysql) and wanted to have a web gui for real time monitoring status of
> intrusion activity and so... those banyard2 files are able to be read by
> ossec? or could I say to barnyard2 to send to one remote syslog server the
> logs (for ossec to be able to read them) and too... to a mysql server for
> base to read them and display moment statistics??
>
> thanks a lot for all you're help.
> bye!!
>
Snort Alert -> unified2 output -> barnyard2 reads it -> barnyard2 
outputs to mysql,syslog, and more

Just read about it and play with it.

http://www.securixlive.com/barnyard2/index.php

-- Eoin




More information about the Snort-users mailing list