Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Barnyard and Oracle

From: AWDELASH () UP COM
Date: Tue, 17 Dec 2002 11:31:51 -0600
Is anyone working on implementing Oracle support in Barnyard?  If not, are
there plans for future support?  We would like to use Barnyard, but only
have Oracle in our environment.  I would be happy to offer any assistance I
can!

Off topic, has anyone run into problems reprocessing regular binary logs?
If I run snort for a set period of time, logging to an alert  file ( -A
full ) and to a binary file ( -b ).  I stop snort, reprocess my binary log
( -r ) and generate a new alert file ( -A full ) from the binary log.
If my understanding is correct, the two alert files should be identical.
Since the binary log is a packet capture of every alert generated by the
previous live run.  Not only will the two alert files completely differ...
when reprocessing the binary log snort will only alert on a fraction of
events if any at all!

Thanks!

Aaron DeLashmutt
Data Security
Union Pacific Railroad
Phone : (402) 271-4996
Email : awdelash () up com





-------------------------------------------------------
This sf.net email is sponsored by:
With Great Power, Comes Great Responsibility 
Learn to use your power at OSDN's High Performance Computing Channel
http://hpc.devchannel.org/
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: