Barnyard logging to database

[Alexander Novokhatsky <alex.ontario () gmail com>]

Hello snort-users,

I have Linux-based configuration of snort, logging to unified files:

  output alert_unified: filename snort.alert, limit 128
  output log_unified: filename snort.log, limit 128

I'd like to set up barnyard so that it sends only alerts to the
database. But when I open these files I see that they are different and
barnyard can't process snort.alert.12328198 file.  It says that
timestamp can't be NULL.
If I configure it to process snort.log.12328198 file - it's working
fine.
Is it possible to configure it to process snort.alert files only?
Maybe it should be some specific parameters when I start barnyard?
-- 
Best regards,
 Alexander                          mailto:alex.ontario () gmail com


------------------------------------------------------------------------------
Come build with us! The BlackBerry® Developer Conference in SF, CA
is the only developer event you need to attend this year. Jumpstart your
developing skills, take BlackBerry mobile applications to market and stay 
ahead of the curve. Join us from November 9-12, 2009. Register now!
http://p.sf.net/sfu/devconf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users