Snort mailing list archives

Output database plugin.


From: "Emilio José Mira Alfaro"<emial () alumni uv es>
Date: Thu, 7 Mar 2002 13:52:08 +0100 (CET)

Hi all.

I have some questions about the output database plugin:

1) If the -A option is used to configure alert mode and the -b option
log mode, why does the -A option override the output database plugin
when this plugin is configured with the log facility?

output database: log, mysql, user=root password=test dbname=db host=localhost

2) What difference is there between the log and alert facilities with
the output database plugin? I use the log facility (by default in
snort.conf) with a mysql database and it stores packets and alerts,
while postgresql is configured by default with the alert facility.

3) Rules with the alert action first generate an alert and then log the
packet, and rules with the log action only log the packet, so why is it
different in the output database plugin?

Thank you!!

--
Emilio Mira
e-mail: emial () alumni uv es














