[Snort-users] Distributed Snort

Joel Esler jesler at ...1935...
Fri May 11 12:28:31 EDT 2012


Have barnyard2 read the unified2 files from both sensors and report back to a single DB collection instance.  Just name the sensors different things in your barnyard2.conf file.


On May 11, 2012, at 11:21 AM, Adam Orton wrote:

> Hey Guys,
>  
> I am currently running 2 snort sensors, both of which have their own standalone SQL DB and BASE GUI installed.
>  
> Is there a best practise way of dragging both sets of alert data back to one central location and viewing with a GUI such as BASE?
>  
> Regards,
> 
> Adam
>  




More information about the Snort-users mailing list