[Snort-users] Multiple snorts & Barnyard2

Peter Bates peter.bates at ...15381...
Thu Jun 21 11:47:51 EDT 2012


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Hello all

I was just wondering if I was missing any tricks here
- - and interesting if anyone is doing things differently.

I'm spawning multiple Snort processes - with a different
- -l to write unified2 output into seperate directories.

As a result I'm running multiple Barnyard2 processes, each reading the
directories in continuous mode - and writing to DB and Syslog.

Is this the optimal way of doing things, or am I missing a crafty
command-line option somewhere?

- -- 
Peter Bates
Senior Computer Security Officer    Phone: +44(0)2076792049
Information Services Division	    Internal Ext: 32049
University College London
London WC1E 6BT

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBAgAGBQJP40InAAoJELhVoVpEMS6RwSkIAKKZY5r4XkpBOqjJwdZMxIzM
8vXLfYae1vJ9JTmo+bstjDHR/ls9BScwoQAqthmFzwwkqWCn4kHgp2eFlWukQsCL
/EuBMIjUItOlz3JpfCnmQqiALFPfNDS90TxUPufTKoi1SpGr+p3Bkw4At37Z3U6M
v8wWsU7dImlScSfObBN5DqeAB44S6DiLN1I5nFoJ2i9JJcFmOZPuPBeY9wrW6gqb
cIsAg6sgwYkhnnY/txaADucncrlhZdWPy3iy5oPSbopJfOpjCuw1TPLYc+j35NQN
eB15mWemzZ8MtUAh9iN/posQIxgcbOI+bDjpPnvysSHCb7klNsw/1N/17OiIJJs=
=lcX5
-----END PGP SIGNATURE-----





More information about the Snort-users mailing list