[Snort-users] MySQL support for Snort 2.9.4

Kaya Saman kayasaman at ...11827...
Mon Dec 10 20:04:35 EST 2012


On 12/11/2012 01:00 AM, Jeremy Hoel wrote:
> Barnyard2 really is very easy to use.. and even if you plan on going
> to an older version, just stick with the unified2 output.  Easier to
> learn now than later.
>
> You install snort, get it working and logging to unified2, then have
> barnyard2 read that file and log it to a DB.  This allows snort to
> focus more on reading packets and making alerts and lets something
> else handle getting those alerts to the tool of your choice.
>
> As for the rules for 2.9.4, there isn't a set available?  I haven't
> checked, but that would be an interesting problem.  I'm sure Joel can
> chime in more in regards to that.

Thanks for the vote of confidence :-)

I've just compiled and installed Barnyard2 now and am currently working on
the integration with snort 2.9.3.1.

I just wonder if I will need to do anything different for my BASE setup??


Oh well.... guess I'll find out soon enough :-)


Regards,


Kaya

>
>
>
> On Tue, Dec 11, 2012 at 12:54 AM, Kaya Saman <kayasaman at ...11827...> wrote:
>> y am asking about the older version in addition is because the obtainable
>> rules are for that and not the later 2.9.4 which one would need subscription
>> for.
>>
>> I guess I will have to look at building Barnyard2 and figuring out how they
>> integrate. It's a bit of a shame as it makes setup and running easier (at
>> least fo
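
Added example, not part of the original thread and not taken from the Snort or Barnyard2 distributions: both sides of the pipeline described in the quoted reply, with Snort writing unified2 and Barnyard2 reading that spool and inserting into MySQL. All paths, the sensor name, the interface, the database name and user, and the password placeholder are assumptions.

```conf
# --- snort.conf (Snort side): write binary unified2 only, no database output ---
# "limit" is the maximum spool file size in MB before Snort starts a new file.
output unified2: filename snort.u2, limit 128

# --- barnyard2.conf (Barnyard2 side): read the spool, write to MySQL ---
# Map files so generator/signature/classification IDs resolve to names
# (assumed paths; point these at the files that match the installed rule set).
config reference_file:      /etc/snort/reference.config
config classification_file: /etc/snort/classification.config
config gen_file:            /etc/snort/gen-msg.map
config sid_file:            /etc/snort/sid-msg.map

# Sensor identity stored with each event (assumed values).
config hostname:  sensor01
config interface: eth0

# Bookmark of the last spool record processed, so a restart neither
# re-inserts old events nor skips ones written while Barnyard2 was down.
config waldo_file: /var/log/snort/barnyard2.waldo

input unified2

# Placeholder credentials: use a dedicated database account for the sensor,
# not the MySQL root account.
output database: log, mysql, user=snort_writer password=CHANGE_ME dbname=snort host=localhost

# Run in continuous mode, following spool files named snort.u2.<timestamp>:
#   barnyard2 -c /etc/snort/barnyard2.conf -d /var/log/snort -f snort.u2 \
#             -w /var/log/snort/barnyard2.waldo
#
# barnyard2.conf now holds a cleartext database password, so restrict it
# (the "snort" group is an assumption):
#   chown root:snort /etc/snort/barnyard2.conf
#   chmod 640 /etc/snort/barnyard2.conf
```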
