Snort mailing list archives
Re: Running Multiple Output Plugins
From: Jason <security () brvenik com>
Date: Thu, 05 Jan 2006 10:17:53 -0500
all output methods configured. Peter J Manis wrote:
I know unified output and barnyard is the fastest way to get data through snort. I was just wondering though, if you configured more than one output plug in to run, would snort perform both output actions, or would it do the first one it came across and thats it, or do neither not knowing what to do? thanks ----- Original Message ----- From: "Jason" <security () brvenik com> To: "Peter J Manis" <pmanis () comcast net> Cc: <snort-users () lists sourceforge net> Sent: Wednesday, January 04, 2006 9:18 PM Subject: Re: [Snort-users] Running Multiple Output PluginsEvery output plugin you configure snort to use reduces the amount of time it can spend analyzing packets. Use unified output and barnyard to post process the logs. Peter J Manis wrote:Quick question. Is it possible for Snort to run multiple output plugins at the same time? For example, having snort output to postgreSQL and CSV simultaneously? thanks ------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- January Chicago 2600 Meeting Information Steven McGrath (Jan 04)
- Re: Running Multiple Output Plugins Peter J Manis (Jan 04)
- Re: Running Multiple Output Plugins Jason (Jan 04)
- Re: Running Multiple Output Plugins Peter J Manis (Jan 04)
- Re: Running Multiple Output Plugins Jason (Jan 05)
- Re: Running Multiple Output Plugins Jason (Jan 04)
- Re: Running Multiple Output Plugins Peter J Manis (Jan 04)