Re: Snort and SQL database

[Jeremy Hoel <jthoel () gmail com>]

Well assuming PFSense is a firewall and reporting on every
block/pass/whatever of traffic.. that will look completely different
then a snort alert which only reports on traffic that hit against a
rule; they are not the same thing.  You could have valid traffic all
day long and never trigger an alert.. but the firewall logs might be
busy logging all traffic.

But I could be missing the point of your question completely.



On Fri, Feb 1, 2013 at 11:22 PM, Josh Bitto <jbitto () onlineschool ca> wrote:
> I have after a week of battling with this finally got everything going on snort and then using barnyard2 to send the 
> alerts to mysql…..However, when I export the data from the sql database it doesn’t look the same at all as the report 
> in pfsense….
>
> I used barnyard2’s schema file to create the database and I’m not sure if that has something to do with it.
>
>
> Any suggestions?

------------------------------------------------------------------------------
Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:
http://p.sf.net/sfu/appdyn_d2d_jan
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!