Snort mailing list archives

Barnyard part 2

From: "Esler, Joel - Contractor" <joel.esler () rcert-s army mil>
Date: Thu, 29 Jul 2004 08:40:09 -0400

Okay, Now, previous setup was Snort logging directly to mysql.  Now it
is logging to unified, Barnyard is now processing the mysql entries,
however, it is not inputting the packet data into ACID.  Where did the
packet data go?
 
J
 
(barnyard.conf)
 
output alert_acid_db: mysql, sensor_id 7, database snort, server
127.0.0.1, user snort
output log_acid_db: mysql, database snort, server 127.0.0.1, user snort,
detail full
 
Do i need to comment out alert_acid_db, and make it just "log_acid_db?

Current thread:

Barnyard part 2 Esler, Joel - Contractor (Jul 29)
- <Possible follow-ups>
- RE: Barnyard part 2 Esler, Joel - Contractor (Jul 29)
  - RE: Barnyard part 2 Jeff Dell (Jul 29)
    - Re: Barnyard part 2 sekure (Jul 29)
    - RE: Barnyard part 2 Jeff Dell (Jul 29)
- RE: Barnyard part 2 Esler, Joel - Contractor (Jul 29)
  - Re: Barnyard part 2 sekure (Jul 29)
- RE: Barnyard part 2 Esler, Joel - Contractor (Jul 29)