Snort mailing list archives
Barnyard2 to remote server
From: Sherman Boyd <sherman () twocell com>
Date: Fri, 26 Aug 2011 23:15:30 -0700
Hi, I'm working on a realtime visualization project for snort. I'd like snort to pump all it's data over tcp/ip to a remote server, running custom node server that parcels out each event to an html5 server. I don't want to use SQL, but other than that I'm pretty flexible with how the data is encapsulated. Is there an existing barnyard2 plugin that will meet my needs? Do I need to write a custom by2 output plugin? Or is there a way to pump the data out directly from snort? To put it another way, I'm looking for alert_fast, except I don't want to write to a file I want to send it to 192.168.9.1:1212. Best regards, Sherman Boyd ------------------------------------------------------------------------------ EMC VNX: the world's simplest storage, starting under $10K The only unified storage solution that offers unified management Up to 160% more powerful than alternatives and 25% more efficient. Guaranteed. http://p.sf.net/sfu/emc-vnx-dev2dev _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Barnyard2 to remote server Sherman Boyd (Aug 26)
- Re: Barnyard2 to remote server beenph (Aug 27)
- Re: Barnyard2 to remote server Sherman Boyd (Aug 27)
- Re: Barnyard2 to remote server Martin Holste (Aug 27)
- Re: Barnyard2 to remote server Sherman Boyd (Aug 27)
- Re: Barnyard2 to remote server Martin Holste (Aug 27)
- Re: Barnyard2 to remote server Sherman Boyd (Aug 27)
- Re: Barnyard2 to remote server beenph (Aug 27)