[Snort-users] Load alerts read from file to database
Al Lewis (allewi)
allewi at ...589...
Sat Feb 4 18:10:45 EST 2017
Are the alert files in unified2 format?
You may want to look here for some more info on barnyard.
SOURCEfire, Inc. now part of Cisco
Email: allewi at ...589...
From: Paul Li <paul at ...17768...>
Date: Saturday, February 4, 2017 at 1:05 AM
To: 'snort-users' <snort-users at lists.sourceforge.net>
Subject: [Snort-users] Load alerts read from file to database
I'm using Snort to read a file and Snort generates alerts. But when I tried using Barnyard2 to load these alerts to the database, no alerts were loaded. Is there any configuration I should change to make it work, or does Barnyard2 not support loading alerts from files?
(When Snort generates alerts from monitoring a networking interface, Barnyard successfully loaded alerts to the database.)