[Snort-users] Barnyard2 to remote server

Sherman Boyd sherman at ...15372...
Sat Aug 27 02:15:30 EDT 2011


Hi,

I'm working on a realtime visualization project for snort.  I'd like
snort to pump all it's data over tcp/ip to a remote server, running
custom node server that parcels out each event to an html5 server.   I
don't want to use SQL, but other than that I'm pretty flexible with
how the data is encapsulated.  Is there an existing barnyard2 plugin
that will meet my needs?  Do I need to write a custom by2 output
plugin?  Or is there a way to pump the data out directly from snort?

To put it another way, I'm looking for alert_fast, except I don't want
to write to a file I want to send it to 192.168.9.1:1212.


Best regards,

Sherman Boyd




More information about the Snort-users mailing list