Snort mailing list archives

RE: Quick Barnyard Question Newbie

From: "Scott Renna" <srenna () d-a-s com>
Date: Tue, 15 Jul 2003 11:20:29 -0400

Steve,

I believe this is a similar question to the one I had as well.  I am
running two instances of barnyard one for the alerts and one for logs.
List members have told me that this is the only way to currently process
both types of information.

Hope that helps.

Scott 

***************************
Scott Renna
Head Systems Administrator
Dynamic Animation Systems
703-503-0500

*************************** 

-----Original Message-----
From: snort-users-admin () lists sourceforge net
[mailto:snort-users-admin () lists sourceforge net] On Behalf Of Steve
Knoch
Sent: Tuesday, July 15, 2003 11:01 AM
To: snort-users () lists sourceforge net
Subject: [Snort-users] Quick Barnyard Question Newbie


Hello,

Do I have to run 2 instances of barnyard to check both snort.alert and
snort.log files? I am currently using two input processor dp_log and
dp_alert. I then have 2 acid_db output plugins to log both alerts and
logs to my MySQL db. My startup script is barnyard -D -w /*/barn.waldo
-c /*/barnyard.conf -d /*/snort -g /*/gen-msg.map -s /*/sid-msg.map.

Will this read both unified output files? or did I miss a setting along
the way?  Is this the best way to do this?


Thanks in Advance,

Steve



-------------------------------------------------------
This SF.Net email sponsored by: Parasoft
Error proof Web apps, automate testing & more.
Download & eval WebKing and get a free book.
www.parasoft.com/bulletproofapps1
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list



-------------------------------------------------------
This SF.Net email sponsored by: Parasoft
Error proof Web apps, automate testing & more.
Download & eval WebKing and get a free book.
www.parasoft.com/bulletproofapps1
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

Quick Barnyard Question Newbie Steve Knoch (Jul 15)
- RE: Quick Barnyard Question Newbie Scott Renna (Jul 15)
- <Possible follow-ups>
- RE: Quick Barnyard Question Newbie Steve Knoch (Jul 15)