Re: Homebrew unified2 processing vs barnyard2

[Eoin Miller <eoin.miller () trojanedbinaries com>]

  On 7/19/2010 7:14 PM, K D wrote:
> True, I suppose I'm wondering if barnyard2's performance leaves much 
> to be desired in the snort community. I haven't seen any major 
> complaints, and would imagine it's not the source of any major 
> bottlenecks (as opposed to the actual database). I'd be interested to 
> see what the Sguil guys would have to say about their experience and 
> decisions regarding barnyard2 for their project.
>
> Though I plan to stick with Postgresql for now, has there been any 
> thought or research in NSM events (snort, sancp, etc) being stored in 
> the trendier schema-less databases or a hybrid unified2 flat file and 
> rdbms setup?
>
> \\korodev

barnyard2 is going to outperform most everything else just due to the 
language it is written in versus all the python/perl/ruby/whatever. 
There was a duplicate entry bug I found about six months ago, but the 
maintainers fixed it super quick and it runs pretty flawlessly. Actively 
maintained and fast, you can't ask for much more.

-- Eoin

------------------------------------------------------------------------------
This SF.net email is sponsored by Sprint
What will you do first with EVO, the first 4G phone?
Visit sprint.com/first -- http://p.sf.net/sfu/sprint-com-first
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users