[Snort-users] snort installation and usage
wkitty42 at ...14940...
Sat Jan 18 11:42:28 EST 2014
On 1/18/2014 3:59 AM, Adrian Sevcenco wrote:
> So, at this moment my understanding is that
yes, your understanding is correct... direct database writes were removed from
snort for various reasons... you have to use another tool to read snort's output
and have that tool send the data to a database... these days, that tool is
barnyard2... once the data is in the database, numerous other tools are
available for use... if barnyard2 can talk to your chosen database, you should
have no problems... your other tools will, of course, have to also talk to that
i can offer no other assistance because we do not use snort with a database in
NOTE: No off-list assistance is given without prior approval.
Please keep mailing list traffic on the list unless
private contact is specifically requested and granted.
More information about the Snort-users