[Snort-users] How to best do DB *and* syslog logging?
miguellvrz9 at ...11827...
Wed Nov 30 11:45:00 EST 2011
Right now, I'm logging my snort alerts back to a syslog server but I'd
like to start playing with Snorby. Please correct me if I'm wrong but
I think the ideal way to do this would be to log via unified2 and use
barnyard to send the alert data to snorby's DB but I can't lose my
syslog functionality. I really wish barnyard was able to do this on
non-Windows boxes! But what would be the best way to achieve this
short of running two separate snort instances?
More information about the Snort-users