Re: Alerts not Detected during Import?

[Chris Green <cmg () sourcefire com>]

"Dusty Hall" <halljer () auburn edu> writes:

> Erek,
>
>   Thanks for the Enlightening Answer, it all makes sense now.  I guess
> the only way to fix this is to change the output on Snort1 to point
> directly to the DB server?

Snort's unified formats and barnyard can solve this problem for you.
Snort writes unified the barnyard loads alerts + packets into mysql.
There are other sets of limitations but it does solve this problem.

Since it's been forever since I went to Auburn, I'll make the
obligatory duc duc goose joke. <G>

-- 
Chris Green <cmg () sourcefire com>
Laugh and the world laughs with you, snore and you sleep alone.


-------------------------------------------------------
This SF.Net email is sponsored by: INetU
Attention Web Developers & Consultants: Become An INetU Hosting Partner.
Refer Dedicated Servers. We Manage Them. You Get 10% Monthly Commission!
INetU Dedicated Managed Hosting http://www.inetu.net/partner/index.php
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users