Snort mailing list archives
Re: v2.8.4 incorrect logging to MySQL
From: Joel Esler <jesler () sourcefire com>
Date: Mon, 13 Apr 2009 09:12:31 -0400
The preferred method of logging with any version of Snort is unified. Using Unified ensures the best performance of any output system available from Snort. Using a 3rd party tool such as barnyard or SnortUnified.pm to process the unified files and insert them into the DB relieves Snort from having to do DB inserts itself, which will have a performance drain on the system. This is isn't a reason to not upgrade. You must upgrade Snort to stay current with the proper detection. Joel On Mon, Apr 13, 2009 at 8:41 AM, James Lay <jlay () slave-tothe-box net> wrote:
From: Danny Paul <JDPAUL () GoColumbiaMO com> Date: Mon, 13 Apr 2009 07:22:04 -0500 To: Stephen Reese <rsreese () gmail com>, Matt Watchinski <mwatchinski () sourcefire com> Cc: Snort <snort-users () lists sourceforge net> Subject: Re: [Snort-users] v2.8.4 incorrect logging to MySQL I verified as well that no inserts were being made into the signatures or sensors table.I take it that folks needing this functionality should hold off on upgrading? Would it do any good to test this on different platforms (I was holding off to upgrade on Mac OS X 10.5.6 to see how this issue panned out)? James ------------------------------------------------------------------------------ This SF.net email is sponsored by: High Quality Requirements in a Collaborative Environment. Download a free trial of Rational Requirements Composer Now! http://p.sf.net/sfu/www-ibm-com _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
-- joel esler | Sourcefire | gtalk: jesler () sourcefire com | 302-223-5974
------------------------------------------------------------------------------ This SF.net email is sponsored by: High Quality Requirements in a Collaborative Environment. Download a free trial of Rational Requirements Composer Now! http://p.sf.net/sfu/www-ibm-com
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Re: v2.8.4 incorrect logging to MySQL, (continued)
- Re: v2.8.4 incorrect logging to MySQL JJ Cummings (Apr 10)
- Re: v2.8.4 incorrect logging to MySQL Danny Paul (Apr 11)
- Re: v2.8.4 incorrect logging to MySQL Stephen Reese (Apr 11)
- Re: v2.8.4 incorrect logging to MySQL Danny Paul (Apr 11)
- Re: v2.8.4 incorrect logging to MySQL Stephen Reese (Apr 11)
- Re: v2.8.4 incorrect logging to MySQL Stephen Reese (Apr 11)
- Re: v2.8.4 incorrect logging to MySQL Matt Watchinski (Apr 11)
- Re: v2.8.4 incorrect logging to MySQL Stephen Reese (Apr 11)
- Re: v2.8.4 incorrect logging to MySQL Danny Paul (Apr 13)
- Re: v2.8.4 incorrect logging to MySQL James Lay (Apr 13)
- Re: v2.8.4 incorrect logging to MySQL Joel Esler (Apr 13)
- Message not available
- Re: v2.8.4 incorrect logging to MySQL Joel Esler (Apr 13)
- Message not available
- Re: v2.8.4 incorrect logging to MySQL Joel Esler (Apr 13)
- Message not available
- Re: v2.8.4 incorrect logging to MySQL Joel Esler (Apr 13)
- Re: v2.8.4 incorrect logging to MySQL Danny Paul (Apr 11)
- Re: v2.8.4 incorrect logging to MySQL JJ Cummings (Apr 10)
- Message not available
- Re: v2.8.4 incorrect logging to MySQL Joel Esler (Apr 13)
- Re: v2.8.4 incorrect logging to MySQL Matt Watchinski (Apr 13)
- R: v2.8.4 incorrect logging to MySQL: PATCH snortml (Apr 13)
- Re: R: v2.8.4 incorrect logging to MySQL: PATCH Todd Wease (Apr 13)
- Re: R: v2.8.4 incorrect logging to MySQL: PATCH Stephen Reese (Apr 13)
- Re: R: v2.8.4 incorrect logging to MySQL: PATCH Jason Wallace (Apr 14)
- Re: R: v2.8.4 incorrect logging to MySQL: PATCH Todd Wease (Apr 14)