[Snort-users] snort installation and usage

waldo kitty wkitty42 at ...14940...
Sat Jan 18 11:42:28 EST 2014


On 1/18/2014 3:59 AM, Adrian Sevcenco wrote:
> So, at this moment my understanding is that

yes, your understanding is correct... direct database writes were removed from 
snort for various reasons... you have to use another tool to read snort's output 
and have that tool send the data to a database... these days, that tool is 
barnyard2... once the data is in the database, numerous other tools are 
available for use... if barnyard2 can talk to your chosen database, you should 
have no problems... your other tools will, of course, have to also talk to that 
database...

i can offer no other assistance because we do not use snort with a database in 
our environment...

-- 
NOTE: No off-list assistance is given without prior approval.
       Please keep mailing list traffic on the list unless
       private contact is specifically requested and granted.




More information about the Snort-users mailing list