[Snort-users] Snort and multiple logging
eoin.miller at ...14586...
Wed Oct 6 11:57:13 EDT 2010
On 10/6/2010 5:48 PM, egoitz at ...14994... wrote:
> Hi all,
> But I needed to generate file logs in order for OSSEC to be configured to
> read them and do active responses... (OSSEC AFAIK doesn't read from
> mysql) and wanted to have a web gui for real time monitoring status of
> intrusion activity and so... are those barnyard2 files able to be read by
> ossec? or could I tell barnyard2 to send the logs to one remote syslog server
> (for ossec to be able to read them) and also... to a mysql server for
> base to read them and display moment statistics??
> thanks a lot for all your help.
Snort Alert -> unified2 output -> barnyard2 reads it -> barnyard2
outputs to mysql, syslog, and more
Just read about it and play with it.
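
A minimal configuration for the pipeline described in the reply above, added here as an illustration and not taken from the original post or from either poster's setup. All file paths, the sensor name, the interface, and the database credentials are assumptions to be replaced with local values.

```conf
# ---- snort.conf (on the sensor) ----
# Snort writes only binary unified2 records; every other output
# (syslog, database) is delegated to barnyard2.
output unified2: filename snort.u2, limit 128

# ---- barnyard2.conf ----
# Map files barnyard2 needs to turn gid/sid numbers back into alert text.
# Paths are assumed; use the ones your Snort install ships with.
config reference_file:      /etc/snort/reference.config
config classification_file: /etc/snort/classification.config
config gen_file:            /etc/snort/gen-msg.map
config sid_file:            /etc/snort/sid-msg.map

config hostname:   sensor01     # constructed sensor name
config interface:  eth0         # constructed interface name

# Bookmark file so barnyard2 resumes where it stopped instead of
# replaying (and duplicating) old alerts after a restart.
config waldo_file: /var/log/snort/barnyard2.waldo

input unified2

# Output 1: text alerts to the local syslog daemon. OSSEC can read the
# resulting log file, or the syslog daemon can forward it to a remote host.
output alert_syslog: LOG_AUTH LOG_ALERT

# Output 2: the same events into MySQL for BASE.
# The password is stored in cleartext here, so keep this file readable
# only by the account barnyard2 runs as. CHANGE_ME is a placeholder.
output database: log, mysql, user=snort password=CHANGE_ME dbname=snort host=localhost

# Start barnyard2 against the spool directory Snort writes to (assumed path):
#   barnyard2 -c /etc/snort/barnyard2.conf -d /var/log/snort \
#             -f snort.u2 -w /var/log/snort/barnyard2.waldo
```

Both `output` lines are active at once, so a single unified2 stream feeds the syslog path for OSSEC and the database path for BASE.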