[Snort-users] Barnyard2 to remote server
sherman at ...15372...
Sat Aug 27 02:15:30 EDT 2011
I'm working on a realtime visualization project for snort. I'd like
snort to pump all it's data over tcp/ip to a remote server, running
custom node server that parcels out each event to an html5 server. I
don't want to use SQL, but other than that I'm pretty flexible with
how the data is encapsulated. Is there an existing barnyard2 plugin
that will meet my needs? Do I need to write a custom by2 output
plugin? Or is there a way to pump the data out directly from snort?
To put it another way, I'm looking for alert_fast, except I don't want
to write to a file I want to send it to 192.168.9.1:1212.
More information about the Snort-users