Re: MySQL support for Snort 2.9.4

[Jeremy Hoel <jthoel () gmail com>]

Barnyard2 really is very easy to use.. and even if you plan on going
to an older version, just stick with the unified2 output.  Easier to
learn now then later.

You install snort, get it working and logging to unified2, then have
barnyard2 read that file and log it to a DB.  This allows snort to
focus more on reading packets and making alerts and lets something
else handle getting those alerts to the tool of your choice.

As for the rules for 2.9.4, there isn't a set available?  I haven't
checked, but that would be an interesting problem.  I'm sure Joel can
chime in more in regards to that.



On Tue, Dec 11, 2012 at 12:54 AM, Kaya Saman <kayasaman () gmail com> wrote:
> y am asking about the older version in addition is because the obtainable
> rules are for that and not the later 2.9.4 which one would need subscription
> for.
>
> I guess I will have to look at building Barnyard2 and figuring out how they
> integrate. It's a bit of a shame as it makes setup and running easier (at
> least fo

------------------------------------------------------------------------------
LogMeIn Rescue: Anywhere, Anytime Remote support for IT. Free Trial
Remotely access PCs and mobile devices and provide instant support
Improve your efficiency, and focus on delivering more value-add services
Discover what IT Professionals Know. Rescue delivers
http://p.sf.net/sfu/logmein_12329d2d
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!