Snort mailing list archives
Re: Snort Alert Mysql Query
From: Rob MacGregor <rob.macgregor () gmail com>
Date: Mon, 15 Feb 2016 13:48:36 +0000
On Sun, Feb 14, 2016 at 5:35 PM adonis okpidi <adonisokpidi () gmail com> wrote:
Hi. I used Barnyard2 to read the snort.log file into MySQL database
Then you also need to join on the "cid" values as well as "sid" values. The
"sid" value is the sensor identifier, "cid" for the event (on that sensor).
--
Rob MacGregor
Whoever fights monsters should see to it that in the process he
doesn't become a monster. Friedrich Nietzsche
------------------------------------------------------------------------------ Site24x7 APM Insight: Get Deep Visibility into Application Performance APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month Monitor end-to-end web transactions and take corrective actions now Troubleshoot faster and improve end-user experience. Signup Now! http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs http://www.snort.org Please visit http://blog.snort.org for the latest news about Snort!
Current thread:
- Snort Alert Mysql Query adonis okpidi (Feb 13)
- Re: Snort Alert Mysql Query wkitty42 (Feb 13)
- Re: Snort Alert Mysql Query adonis okpidi (Feb 14)
- Re: Snort Alert Mysql Query Rob MacGregor (Feb 15)
- Message not available
- Re: Snort Alert Mysql Query Rob MacGregor (Feb 15)
- Message not available
- Re: Snort Alert Mysql Query Rob MacGregor (Feb 15)
- Re: Snort Alert Mysql Query adonis okpidi (Feb 14)
- Re: Snort Alert Mysql Query wkitty42 (Feb 13)
- <Possible follow-ups>
- Snort Alert MySQL Query adonis okpidi (Mar 14)
- Re: Snort Alert MySQL Query 강명훈 (Mar 15)
- Re: Snort Alert MySQL Query adonis okpidi (Mar 15)
- Re: Snort Alert MySQL Query 강명훈 (Mar 15)