Snort mailing list archives
multiple sensors, one db
From: Jari Pirhonen <lists () atbusiness com>
Date: Tue, 22 May 2001 12:37:53 +0300
Hi, We want to install multiple snort-sensors which should log in one database. We would like to keep log-db in our internal network. We are not going to open our fw to allow Snort to contact our internal network directly. We are planning to use ACID also. Does anyone have any good architecture suggestions? Does MySQL replication features help? Internal db could use replication to fetch information from Snort-specific databases. Can I log several Snort-sensors in ONE database or do I need separate instances for each Snort-sensor? Is it possible to use ACID to search from several Snort-logs or so we need to handle each Snort-logs separately? Is there a better way to get "big picture" from several Snort-sensors? Jari -- Jari Pirhonen japi () atbusiness com _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- multiple sensors, one db Jari Pirhonen (May 22)