Snort + Demarc Remote logging?

[diwelf <diwelf () rogers com>]

Hi,
I'm sure this is probably a really stupid question, But I just couldn't 
find my answer anywhere on google or in mailing lists. So, here goes.

What i'm trying to do is the following:

----> internet --> Openbsd (gateway/nat/snort) ->> switch ->> internal

What i'm trying to do, is get snort running on the openbsd box, then 
sending the logs it creates to a mysql server on my windows box, inside 
the network. I'm trying to monitor all the attempts on my firewall. I 
have mysql, apache +ssl, demarc installed on the windows box. Now, my 
question is, is this possible without running two copies of demarc? (one 
on the router, one on the windows box?). The logs seem to be getting 
sent to the database, i'm just unsure as to how to setup demarc to read 
them properly i guess. I've been trying for three days straight and i 
just can't figure this out. Or, is there a better solution? Thanks.

Matt
diwelf () nospam gmx net





_______________________________________________________________

Have big pipes? SourceForge.net is looking for download mirrors. We supply
the hardware. You get the recognition. Email Us: bandwidth () sourceforge net
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users