[Snort-users] snort installation and usage
Adrian Sevcenco
Adrian.Sevcenco at ...16656...
Sat Jan 18 13:48:13 EST 2014
On 01/18/2014 06:42 PM, waldo kitty wrote:
> On 1/18/2014 3:59 AM, Adrian Sevcenco wrote:
>> So, at this moment my understanding is that
>
> yes, your understanding is correct... direct database writes were removed from
> snort for various reasons... you have to use another tool to read snort's output
> and have that tool send the data to a database... these days, that tool is
> barnyard2... once the data is in the database, numerous other tools are
> available for use... if barnyard2 can talk to your chosen database, you should
> have no problems... your other tools will, of course, have to also talk to that
> database...
>
> i can offer no other assistance because we do not use snort with a database in
> our environment...
This confirmation is enough :) Thanks!
OTOH, how do you use snort? is there a GUI of some kind that can be an
direct visual interface for the snort data? (without the intermediate
database?)
Thanks a lot!
Adrian
More information about the Snort-users
mailing list