Snort mailing list archives
Barnyard2 setup question (I'm not getting alerts from both instances)
From: Avery Rozar <Avery.Rozar () i-techsupport com>
Date: Mon, 14 Apr 2014 14:22:19 +0000
I have two snort instances (snort00, and snort01) running, inline for dna0:dna1, and inline for dna2:dna3. Snort instance 0 logs to snort00 (unified2) Snort instance 1 logs to snort01 (unified2) Barnyard2 instance 0 picks up snort00, and writes to alert0 Barnyard2instance 1 picks up snort01, and writes to alert1 Should I only have one barnyard2 instance? Its seems that I’m only getting alerts written to one or the other (alert0, alert1) not both. Even if an alerts triggers and gets written to snort00 or snort01 unified2 file. Thanks, Avery ------------------------------------------------------------------------------ Learn Graph Databases - Download FREE O'Reilly Book "Graph Databases" is the definitive new guide to graph databases and their applications. Written by three acclaimed leaders in the field, this first edition is now available. Download your free book today! http://p.sf.net/sfu/NeoTech _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Barnyard2 setup question (I'm not getting alerts from both instances) Avery Rozar (Apr 14)