Snort mailing list archives

Re: Snort logs to MySQL


From: "Al Lewis (allewi)" <allewi () cisco com>
Date: Fri, 27 Jan 2017 18:25:51 +0000

The direct logging from snort probably was done for performance reasons and to keep snort more lean.

Depending on how you set up logging, you may need something to help you read them (i.e. u2spewfoo). The section on logging is here:

http://manual-snort-org.s3-website-us-east-1.amazonaws.com/node21.html



Albert Lewis
ENGINEER.SOFTWARE ENGINEERING
SOURCEfire, Inc. now part of Cisco
Email: allewi () cisco com

From: Abdullah AL-Mutairy <abohabeeb1412 () gmail com>
Date: Friday, January 27, 2017 at 12:57 PM
To: 'snort-users' <snort-users () lists sourceforge net>
Subject: [Snort-users] Snort logs to MySQL


Hello everyone!

I'm wondering why snort developers stopped supporting logging to SQL database directly? I know I can use barnyard2 to log into SQL DB .. but isn't it better if snort just logs to SQL directly?

Another thing .. I tried reading the logs in snort\log but it's not readable! Just random letters and symbols.


I'm new to snort as IDS .. and I appreciate your help ^_^

Thanks!
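
Added example (not part of either message above, and not Snort project code): assuming the files in the log directory are unified2 output, each record is an 8-byte big-endian type/length header followed by a binary body, which is why a text editor shows random letters and symbols. The Python below decodes the legacy IPv4 event record (type 7); the function names are hypothetical and the sample bytes are constructed.

```python
import ipaddress
import struct

HEADER = struct.Struct(">II")         # record type, body length (big-endian)
EVENT_V4 = struct.Struct(">11I2H4B")  # legacy IPv4 event body, 52 bytes
UNIFIED2_IDS_EVENT = 7

def iter_records(buf):
    """Yield (type, body) per record; stop at a truncated final record."""
    off = 0
    while off + HEADER.size <= len(buf):
        rtype, length = HEADER.unpack_from(buf, off)
        body = buf[off + HEADER.size: off + HEADER.size + length]
        if len(body) < length:  # file may still be being written
            break
        yield rtype, body
        off += HEADER.size + length

def decode_event(body):
    """Decode a type-7 event body into a dict of the fields an analyst reads."""
    if len(body) < EVENT_V4.size:
        raise ValueError("event record shorter than 52 bytes")
    f = EVENT_V4.unpack_from(body)
    return {"time": f[2], "sid": f[4], "gid": f[5], "rev": f[6], "priority": f[8],
            "src": str(ipaddress.IPv4Address(f[9])),
            "dst": str(ipaddress.IPv4Address(f[10])),
            "sport": f[11], "dport": f[12], "proto": f[13]}

def summarize(buf):
    """Return one readable text line per record."""
    lines = []
    for rtype, body in iter_records(buf):
        if rtype == UNIFIED2_IDS_EVENT:
            e = decode_event(body)
            lines.append(f"[{e['gid']}:{e['sid']}:{e['rev']}] {e['src']}:{e['sport']}"
                         f" -> {e['dst']}:{e['dport']} proto={e['proto']}")
        else:
            lines.append(f"record type {rtype}, {len(body)} bytes (not decoded here)")
    return lines

# Constructed sample: one event, one stub record of another type, one truncated record.
_ev = EVENT_V4.pack(0, 1, 1485541551, 0, 1000001, 1, 1, 0, 3,
                    int(ipaddress.IPv4Address("192.0.2.10")),
                    int(ipaddress.IPv4Address("198.51.100.5")), 40000, 80, 6, 0, 0, 0)
SAMPLE = (HEADER.pack(7, len(_ev)) + _ev + HEADER.pack(2, 4) + b"\x00" * 4
          + HEADER.pack(7, 52) + b"\x00" * 10)

if __name__ == "__main__":
    print("\n".join(summarize(SAMPLE)))
```

To try it on a real file, pass the file's bytes to summarize(); record types other than 7 are only counted, not decoded.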