Snort mailing list archives

Re: barnyard question

From: Chris Green <cmg () uab edu>
Date: Tue, 06 Nov 2001 09:56:10 -0600

Greg Sarsons <gsarsons () istop com> writes:

I just finished dumping a snort binary dump file to a mysql database
using log and creating a rule that put everything to the database ie 

ip any any -> any any

This took 3 days to put about 12hours of traffic into the database.
(the dump file is over 10Gigs)

I was wondering if I will get any kinda of improvement if I use Barnyard
to do this?


You shouldn't.   Barnyard was designed to do basically the same thing
you are doing and breaking the possibly slow insertion from the actual
capture.
-- 
Chris Green <cmg () uab edu>
Laugh and the world laughs with you, snore and you sleep alone.

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

barnyard question Greg Sarsons (Nov 06)
- Re: barnyard question Chris Green (Nov 06)