[Snort-users] MySQL support for Snort 2.9.4
kayasaman at ...11827...
Mon Dec 10 20:04:35 EST 2012
On 12/11/2012 01:00 AM, Jeremy Hoel wrote:
> Barnyard2 really is very easy to use.. and even if you plan on going
> to an older version, just stick with the unified2 output. Easier to
> learn now than later.
> You install snort, get it working and logging to unified2, then have
> barnyard2 read that file and log it to a DB. This allows snort to
> focus more on reading packets and making alerts and lets something
> else handle getting those alerts to the tool of your choice.
> As for the rules for 2.9.4, there isn't a set available? I haven't
> checked, but that would be an interesting problem. I'm sure Joel can
> chime in more in regards to that.
Thanks for the vote of confidence :-)
I've just compiled and installed Barnyard2 now and am currently working on
the integration with snort 22.214.171.124.
I just wonder if I will need to do anything different for my BASE setup??
Oh well.... guess I'll find out soon enough :-)
> On Tue, Dec 11, 2012 at 12:54 AM, Kaya Saman <kayasaman at ...11827...> wrote:
>> y am asking about the older version in addition is because the obtainable
>> rules are for that and not the later 2.9.4 which one would need subscription
>> I guess I will have to look at building Barnyard2 and figuring out how they
>> integrate. It's a bit of a shame as it makes setup and running easier (at
>> least fo
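
The hand-off described in the quoted reply (Snort writes unified2, a separate reader loads the alerts into a database), sketched as an added example that is not part of this thread and is not Barnyard2's code. It assumes the standard unified2 framing (8-byte big-endian record header, type 7 = 52-byte IPv4 event); the SQLite table stands in for MySQL and its schema, like the sample spool bytes, is constructed for illustration.

```python
import socket
import sqlite3
import struct

HEADER = struct.Struct(">II")            # record type, payload length (big-endian)
EVENT_V4 = struct.Struct(">9I4s4sHH4B")  # type 7 payload: IPv4 IDS event, 52 bytes
TYPE_EVENT_V4 = 7

def read_records(stream):
    """Yield (type, payload); stop at a partial record Snort is still writing."""
    while True:
        head = stream.read(HEADER.size)
        if len(head) < HEADER.size:
            return
        rtype, length = HEADER.unpack(head)
        payload = stream.read(length)
        if len(payload) < length:
            return                       # truncated tail: retry on the next pass
        yield rtype, payload

def decode_event(payload):
    f = EVENT_V4.unpack(payload[:EVENT_V4.size])
    return {"event_id": f[1], "ts": f[2], "sid": f[4], "gid": f[5], "rev": f[6],
            "priority": f[8], "src": socket.inet_ntoa(f[9]), "sport": f[11],
            "dst": socket.inet_ntoa(f[10]), "dport": f[12], "proto": f[13]}

def spool_to_db(stream, conn):
    """Load IPv4 events into a hypothetical 'event' table; return rows inserted."""
    conn.execute("CREATE TABLE IF NOT EXISTS event (event_id, ts, gid, sid, rev,"
                 " priority, src, sport, dst, dport, proto)")
    n = 0
    for rtype, payload in read_records(stream):
        if rtype != TYPE_EVENT_V4 or len(payload) < EVENT_V4.size:
            continue                     # packet data and other record types skipped
        conn.execute("INSERT INTO event VALUES (:event_id, :ts, :gid, :sid, :rev,"
                     " :priority, :src, :sport, :dst, :dport, :proto)",
                     decode_event(payload))
        n += 1
    conn.commit()
    return n

def sample_spool():
    """Constructed spool: one event, one packet record, one truncated record."""
    ev = EVENT_V4.pack(0, 1, 1355187875, 0, 1000001, 1, 2, 0, 3,
                       socket.inet_aton("192.0.2.10"),
                       socket.inet_aton("198.51.100.5"), 40000, 3306, 6, 0, 0, 0)
    pkt = b"\x00" * 16
    return (HEADER.pack(TYPE_EVENT_V4, len(ev)) + ev
            + HEADER.pack(2, len(pkt)) + pkt
            + HEADER.pack(TYPE_EVENT_V4, 52) + ev[:20])
```

Because the reader only consumes complete records, Snort can keep appending to the spool while the database side runs at its own pace.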