Snort mailing list archives

Snort - Barnyard - Alert Aggregating


From: Wes Young <wcyoung () buffalo edu>
Date: Fri, 10 Dec 2004 10:17:36 -0500

I'm running a snort server along with a separate snort processing server with a shared SAN for data.

Snort is creating a unified log
Barnyard is picking up that log and (currently) outputting to a BASE database
A pipe that peaks around 600meg

This is good for analysis, but I would like to add alert aggregating (to my email) to the mix with pigsentry (or similar tools if anyone knows of any better ones out there).

I'm still trying to figure out if barnyard can handle taking just the unified log, outputting to database and alert file for pigsentry.

If anyone is using something similar to this, let me know how it's working, or maybe something I could do better...

Thanks!

--
Wes Young
Network Security Analyst
University at Buffalo



