Snort mailing list archives
Re: Archiving Snort logs
From: Joel Esler <jesler () sourcefire com>
Date: Tue, 23 Feb 2010 10:07:52 -0500
On Feb 23, 2010, at 5:21 AM, firnsy wrote:
On Tue, 2010-02-23 at 08:47 +0000, Sharma, Ashish wrote:Here I want to know, Is the ‘Barnyard2’ also cleaning up the snort logs?No, it doesn't. Barnyard2 is only parsing the snort unified log files.
Although you could save the unified files and read them back into the db at a later time if you wanted to with barnyard2. As for cleaning up the DB, I think there is a script that can clean up the db. If you Google "snort db cleanup" many sites come up, however, this one popped out at me. Might give it a shot. http://www.perlmonks.org/?node_id=247926 -- Joel Esler 302-223-5974 ------------------------------------------------------------------------------ Download Intel® Parallel Studio Eval Try the new software tools for yourself. Speed compiling, find bugs proactively, and fine-tune applications for parallel performance. See why Intel Parallel Studio got high marks during beta. http://p.sf.net/sfu/intel-sw-dev _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Archiving Snort logs Sharma, Ashish (Feb 23)
- Re: Archiving Snort logs firnsy (Feb 23)
- Re: Archiving Snort logs Joel Esler (Feb 23)
- Re: Archiving Snort logs Sharma, Ashish (Feb 24)
- Re: Archiving Snort logs Joel Esler (Feb 24)
- Re: Archiving Snort logs Paul Schmehl (Feb 24)
- Re: Archiving Snort logs justin joseph (Feb 25)
- Re: Archiving Snort logs Joel Esler (Feb 23)
- Re: Archiving Snort logs firnsy (Feb 23)
- Re: Archiving Snort logs Alex Tatistcheff (Feb 24)