Re: barnyard-0.1.0beta4

[Chris Green <cmg () uab edu>]

bthaler () webstream net writes:

> Demarc uses a different database structure than Acid.

For demarc/acid specific stuff... ok. I'm not positive that demarc
existed at the time of that plugin creation.  

> The comments for the Acid output plugin in the barnyard.conf file
> state: "Used to output data into the db schema used by ACID"
>
> While I have not actually verified this, I assume it's referring to
> Acid's schema, and not some generic schema. 

It was called ACID because acid and the that database format are
fairly closely coupled from a maintence standpoint.

> If, on the other hand, this output plugin writes to the generic
> snort tables present in both Acid and Demarc, then that's a
> different story.  Again, I'm going to assume that "Used to output
> data into the db schema used by ACID" means just that.  If this is
> not the case, then I suggest that someone either correct the
> comments in barnyard.conf, or rename the plugin.

The comments probably should be corrected...

> Anyway, I'm just trying to verify where this plugin actually writes
> to (db tables) without having to install, configure and run it
> myself.

grep INSERT op_acid_db.c.. Do any of those not work for demarc?
-- 
Chris Green <cmg () uab edu>
"Yeah, but you're taking the universe out of context."

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users