Re: data base

[waldo kitty <wkitty42 () windstream net>]

On 7/24/2013 05:45, Abid Ayoub wrote:
> Hello,
> i want to save the sniff result in a data base.
> So , how can i do that when i have a lot of traffic?
> Soll i use barnyard2 , i didn´t understand why should i use it and what for ?

barnyard2 reads the snort unified2 log file and puts the data into the database 
for you... barnyard2 handles all the database communication... before, when 
snort tried to do it, snort could get hung up waiting on the database to 
respond... during that period, traffic would be lost to snort and it could not 
analyze it... since the alerts and evidence are written to the unified2 log, 
barnyard2 can put it in the database when possible... if the database is down 
for some reason, barnyard2 will wait for the database to come back and then 
continue to put the data in... all this time, snort is still analyzing the 
traffic and no data is lost...

does that answer your questions?

-- 
NOTE: No off-list assistance is given without prior approval.
       Please keep mailing list traffic on the list unless
       private contact is specifically requested and granted.

------------------------------------------------------------------------------
See everything from the browser to the database with AppDynamics
Get end-to-end visibility with application monitoring from AppDynamics
Isolate bottlenecks and diagnose root cause in seconds.
Start your free trial of AppDynamics Pro today!
http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!