[Snort-users] snort installation and usage

Adrian Sevcenco Adrian.Sevcenco at ...16656...
Sat Jan 18 03:59:48 EST 2014


Hi! I am new to snort and I am trying to install it.
At the moment it is not clear to me what exactly I am supposed to do, and
I am referring to the database option, which seems to have been removed.
All howtos on the net have examples with snort compiled with the option
--with-mysql and this seems to be removed.

So, at this moment my understanding is that
snort writes output to a binary unified2 file
->
barnyard2 processes that file as input, at regular intervals or
continuously, and outputs the data to a chosen database (if I want
everything in the database, what should I choose: log or alert?)
->
the database in question is input for BASE, which also has the sql
script for database initialization in sql director...

Is this ok? Did I miss something? Does somebody have some example
configuration for barnyard and base? (and some words of wisdom regarding
the configuration of the database (I use postgres))

Thank you!
Adrian
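
The binary unified2 file named in the pipeline above is a sequence of records, each with an 8-byte big-endian header (type, length) followed by a body. The following is an added example, not part of the original message and not code from Snort or barnyard2: a minimal reader that decodes only the legacy IPv4 event record (type 7) and counts other record types. All function names and the sample bytes are constructed for illustration.

```python
import io
import struct
from ipaddress import IPv4Address

HEADER = struct.Struct(">II")               # record type, body length (big-endian)
EVENT_V4 = struct.Struct(">9I4s4sHHBBBB")   # legacy IPv4 event body, 52 bytes
TYPE_PACKET, TYPE_EVENT_V4 = 2, 7
FIELDS = ("sensor_id", "event_id", "event_second", "event_microsecond",
          "signature_id", "generator_id", "signature_revision",
          "classification_id", "priority_id", "ip_source", "ip_destination",
          "sport_itype", "dport_icode", "protocol", "impact_flag", "impact",
          "blocked")

def read_records(stream):
    """Yield (type, body) per record; stop at a partially written tail."""
    while True:
        head = stream.read(HEADER.size)
        if len(head) < HEADER.size:
            return
        rtype, length = HEADER.unpack(head)
        body = stream.read(length)
        if len(body) < length:
            return  # Snort has not finished writing this record
        yield rtype, body

def parse_event_v4(body):
    ev = dict(zip(FIELDS, EVENT_V4.unpack_from(body)))
    for key in ("ip_source", "ip_destination"):
        ev[key] = str(IPv4Address(ev[key]))
    return ev

def summarize(data):
    """Return (decoded IPv4 events, {other record type: count})."""
    events, others = [], {}
    for rtype, body in read_records(io.BytesIO(data)):
        if rtype == TYPE_EVENT_V4 and len(body) >= EVENT_V4.size:
            events.append(parse_event_v4(body))
        else:
            others[rtype] = others.get(rtype, 0) + 1
    return events, others

def sample_log():
    """Constructed input: one event, one packet record, one truncated record."""
    ev = EVENT_V4.pack(0, 1, 1390035588, 0, 1000001, 1, 1, 0, 2,
                       IPv4Address("192.0.2.10").packed,
                       IPv4Address("198.51.100.5").packed, 40000, 80, 6, 0, 0, 0)
    return (HEADER.pack(TYPE_EVENT_V4, len(ev)) + ev
            + HEADER.pack(TYPE_PACKET, 4) + b"\x00" * 4
            + HEADER.pack(TYPE_EVENT_V4, 52) + b"\x00" * 10)
```

Stopping at a short header or short body rather than raising matters for a file that Snort is still appending to, which is the case a continuously running reader has to handle.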



