Snort mailing list archives
Re: v2.8.4 incorrect logging to MySQL
From: Leon Ward <seclists () rm-rf co uk>
Date: Tue, 14 Apr 2009 18:18:16 +0100
Keep -A fast (or console) for testing purposes while creating rules and you have vote #3. -L On Tue, Apr 14, 2009 at 5:08 PM, JJ Cummings <cummingsj () gmail com> wrote:
/me raises hand.. "I" On Tue, Apr 14, 2009 at 9:56 AM, Joel Esler <jesler () sourcefire com> wrote:Seconded. On Tue, Apr 14, 2009 at 11:38 AM, Jason Brvenik <jasonb () sourcefire com>wrote:Here is my vote to remove all output methods from the engine except unified, to remove the code complexity. People are much better off having two dedicated processes achieving a common goal than they are with the code complexity and issues in the one code base. On Tue, Apr 14, 2009 at 8:31 AM, James Lay <jlay () slave-tothe-box net> wrote:________________________________ From: Ron Jenkins <rjenkins () rmjcs net> Date: Mon, 13 Apr 2009 09:21:09 -0500 To: 'Joel Esler' <jesler () sourcefire com> Cc: James Lay <jlay () slave-tothe-box net>, Snort <snort-users () lists sourceforge net> Subject: RE: [Snort-users] v2.8.4 incorrect logging to MySQL We are backing down from v2.8.4 until the new version can successfullywriteto the sensor and signature tables correctly. Until Soucrefire truly removes writing to the MySQL database and forces unified logging we see no reason to change at this time. Yes the newrulechanges are much wanted, but after reading on the mass issues on thesnortforums with the new version we are holding off on the update. Thanks I have to chime in and second this. Though Unified might be best, for smaller shops, my perception is that barnyard is an added layer of complexity. I run snort at the house on OS X...pretty much to catchtheobvious dumb crap coming in from the outside world and to catch if thekidsmachines get something naughty. Again, larger shops where IDS ismissioncritical should take the extra step, but small ones..eh...I’ve foundthatlogging direct to mysql works well enough. My 0.02 I guess. James------------------------------------------------------------------------------This SF.net email is sponsored by: High Quality Requirements in a Collaborative Environment. Download a free trial of Rational Requirements Composer Now! http://p.sf.net/sfu/www-ibm-com _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users------------------------------------------------------------------------------ This SF.net email is sponsored by: High Quality Requirements in a Collaborative Environment. Download a free trial of Rational Requirements Composer Now! http://p.sf.net/sfu/www-ibm-com _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users<https://lists.sourceforge.net/lists/listinfo/snort-users%0ASnort-users>list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users-- joel esler | Sourcefire | gtalk: jesler () sourcefire com | 302-223-5974 ------------------------------------------------------------------------------ This SF.net email is sponsored by: High Quality Requirements in a Collaborative Environment. Download a free trial of Rational Requirements Composer Now! http://p.sf.net/sfu/www-ibm-com _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users<https://lists.sourceforge.net/lists/listinfo/snort-users%0ASnort-users>list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users-- ------------------------------------------------------------------------------ This SF.net email is sponsored by: High Quality Requirements in a Collaborative Environment. Download a free trial of Rational Requirements Composer Now! http://p.sf.net/sfu/www-ibm-com _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users<https://lists.sourceforge.net/lists/listinfo/snort-users%0ASnort-users>list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
------------------------------------------------------------------------------ This SF.net email is sponsored by: High Quality Requirements in a Collaborative Environment. Download a free trial of Rational Requirements Composer Now! http://p.sf.net/sfu/www-ibm-com
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Re: v2.8.4 incorrect logging to MySQL, (continued)
- Re: v2.8.4 incorrect logging to MySQL Jason Brvenik (Apr 14)
- Re: v2.8.4 incorrect logging to MySQL Danny Paul (Apr 14)
- Re: v2.8.4 incorrect logging to MySQL Jason Wallace (Apr 14)
- Re: v2.8.4 incorrect logging to MySQL Joel Esler (Apr 14)
- Re: v2.8.4 incorrect logging to MySQL Paul Schmehl (Apr 14)
- Re: v2.8.4 incorrect logging to MySQL Jason Wallace (Apr 14)
- Re: v2.8.4 incorrect logging to MySQL Jason Brvenik (Apr 14)
- Re: v2.8.4 incorrect logging to MySQL Randal T. Rioux (Apr 14)
- Re: v2.8.4 incorrect logging to MySQL Jason Brvenik (Apr 14)
- Re: v2.8.4 incorrect logging to MySQL Jason Brvenik (Apr 14)
- Re: v2.8.4 incorrect logging to MySQL Leon Ward (Apr 14)
- Re: v2.8.4 incorrect logging to MySQL Jack Pepper (Apr 14)
- Re: v2.8.4 incorrect logging to MySQL Jason Brvenik (Apr 14)
- Re: v2.8.4 incorrect logging to MySQL Jason Brvenik (Apr 14)
- Re: v2.8.4 incorrect logging to MySQL Loyal A Moses (Apr 14)
- Re: v2.8.4 incorrect logging to MySQL Jefferson, Shawn (Apr 14)
- Re: v2.8.4 incorrect logging to MySQL Joel Esler (Apr 14)
- Re: v2.8.4 incorrect logging to MySQL Loyal A Moses (Apr 14)
- Re: v2.8.4 incorrect logging to MySQL Randal T. Rioux (Apr 14)
- Re: v2.8.4 incorrect logging to MySQL Martin Roesch (Apr 14)