Snort mailing list archives

Quick Barnyard question...


From: Jeff Kell <jeff-kell () utc edu>
Date: Thu, 11 Aug 2005 15:12:42 -0400

Probably stoooopid question, but I can't hold back any longer:

I'm starting to look into barnyard (number of sensors is growing, need to centralize reporting, moving toward sguil as a goal...) but I haven't been able to find a good quick overview of what it does.  I know it accepts unified alert files and can feed databases for later analysis, but specifically:

* Is there a Barnyard "master" that sits on the database server, collecting alert files from all the sensors and loading into a database?

* Is there a Barnyard "agent" that moves unified alerts from the sensor to the "master"?

* Or does Barnyard just run on each sensor and write back SQL to a common backend database server?

Jeff


