[Snort-users] How to best do DB *and* syslog logging?

Eoin Miller eoin.miller at ...14586...
Wed Nov 30 11:55:16 EST 2011


Barnyard2 does multiple outputs simultaneously.

http://www.securixlive.com/barnyard2/

-- Eoin

On 11/30/2011 4:45 PM, Miguel Alvarez wrote:
> Right now, I'm logging my snort alerts back to a syslog server but I'd
> like to start playing with Snorby.  Please correct me if I'm wrong but
> I think the ideal way to do this would be to log via unified2 and use
> barnyard to send the alert data to snorby's DB but I can't lose my
> syslog functionality.  I really wish barnyard was able to do this on
> non-Windows boxes!  But what would be the best way to achieve this
> short of running two separate snort instances?
> 






More information about the Snort-users mailing list