Snort mailing list archives
Re: [Snort-devel] barnyard2 development
From: "Jefferson, Shawn" <Shawn.Jefferson () bcferries com>
Date: Wed, 22 Apr 2009 15:53:36 -0600
I'm using two instances of barnyard 0.20 with the unified format, one to send the log data to BASE, and the other to send the alert data to a syslog server. Will this configuration still work with unified2 and barnyard2 ? -----Original Message----- From: Michael Green [mailto:Michael.Green () gbst com] Sent: April 22, 2009 2:23 PM To: snort-users () lists sourceforge net Subject: Re: [Snort-users] [Snort-devel] barnyard2 development G'day I've been happily using barnyard (with multiple patches) for quite some time and was very surprised to hear that barnyard2 even existed. While I have been happy with barnyard I have been concerned that it's no longer being maintained, especially with the apparent push to disable output methods other than unified. So now I discover that I can use unified2 and barnyard2. Great! Why isn't barnyard2 linked from snort.org? Why isn't unified2 in the default snort.conf? Is there something that you guys aren't telling us? Does Sourcefire have a problem with barnyard2? I just wondering what other people think about migrating to unified2 & barnyard2. Is this something that we all should be doing? Regards Michael Green -----Original Message----- From: firnsy [mailto:firnsy () securixlive com] Sent: Tuesday, 21 April 2009 7:20 PM To: 'Jason Brvenik' Cc: snort-users () lists sourceforge net; snort-devel () lists sourceforge net Subject: Re: [Snort-users] [Snort-devel] barnyard2 development Actually Jason Wallace gave me the heads up. I was clearly under the illusion that our efforts were known to the wider Snort community ;) Our documentation is always improving based on user questions and feedback. If a question comes in and we don't feel it's adequately answered in the documentation then we'll rectify it as appropriate. As for the packaging I totally agree, though I personally only have limited experience in packaging (Debian/RedHat). The codebase is currently only 'nix compatible and is developed in a Debian environment. I'd be interested to read what is considered the common platforms that would desire said pre-built binary packages. - firnsy
Jason Brvenik wrote: G'day to you. Good to see the devs involved, would this mail by any chance be prompted by the out of hand thread on direct database logging? :) Since nobody has replied I'll kick off with a statement and a question. I've found the two biggest blockers for people taking up the tools are pre-build packages and documentation. Do you have any pre-built packages?
------------------------------------------------------------------------ ------ Stay on top of everything new and different, both inside and around Java (TM) technology - register by April 22, and save $200 on the JavaOne (SM) conference, June 2-5, 2009, San Francisco. 300 plus technical and hands-on sessions. Register today. Use priority code J9JMT32. http://p.sf.net/sfu/p _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users ------------------------------------------------------------------------------ Stay on top of everything new and different, both inside and around Java (TM) technology - register by April 22, and save $200 on the JavaOne (SM) conference, June 2-5, 2009, San Francisco. 300 plus technical and hands-on sessions. Register today. Use priority code J9JMT32. http://p.sf.net/sfu/p _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users ------------------------------------------------------------------------------ Stay on top of everything new and different, both inside and around Java (TM) technology - register by April 22, and save $200 on the JavaOne (SM) conference, June 2-5, 2009, San Francisco. 300 plus technical and hands-on sessions. Register today. Use priority code J9JMT32. http://p.sf.net/sfu/p _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- barnyard2 development firnsy (Apr 18)
- Re: [Snort-devel] barnyard2 development Jason Brvenik (Apr 20)
- Re: [Snort-devel] barnyard2 development firnsy (Apr 21)
- Re: [Snort-devel] barnyard2 development Jason Wallace (Apr 21)
- Re: [Snort-devel] barnyard2 development Jason Brvenik (Apr 21)
- Re: [Snort-devel] barnyard2 development Michael Green (Apr 22)
- Re: [Snort-devel] barnyard2 development Jefferson, Shawn (Apr 22)
- Re: [Snort-devel] barnyard2 development Joel Esler (Apr 22)
- Re: [Snort-devel] barnyard2 development firnsy (Apr 21)
- Re: [Snort-devel] barnyard2 development Jason Brvenik (Apr 20)