Snort mailing list archives

Re: Barnyard output


From: "Jon Baer" <security () jonbaer net>
Date: Tue, 5 Aug 2003 19:02:34 -0700

it really all depends on what you want to do w/ the dumps of alerts you get ...

ACID is a GUI tool for viewing the events snort puts out ... you could do this:

Snort -> MySQL -> ACID
Snort -> Barnyard -> MySQL -> ACID

honestly if you are not loading up tons of traffic or on a big network you don't need to use barnyard, it's primarily if you need an optimized snort ... the goal of barnyard is to form one unified type of output. (snort binary)

- jon

pgp key: http://www.jonbaer.net/jonbaer.asc
fingerprint: F438 A47E C45E 8B27 F68C 1F9B 41DB DB8B 9A0C AF47


  ----- Original Message ----- 
  From: Stevo 
  To: Jon Baer ; snort-users () lists sourceforge net 
  Sent: Tuesday, August 05, 2003 3:09 PM
  Subject: Re: [Snort-users] Barnyard output


  So how does Barnyard differ from ACID??  I'm using ACID right now - is there value in loading up Barnyard...  I wanna be a farmer!

    ----- Original Message ----- 
    From: Jon Baer 
    To: snort-users () lists sourceforge net 
    Sent: Tuesday, August 05, 2003 5:45 PM
    Subject: Re: [Snort-users] Barnyard output


    it's supposed to give you what you want it to give you :-)

    i don't get why people don't understand what barnyard is/does ...

    here is my own brief explanation (feel free to correct):

    * snort -> unified output (this is binary logging format)

    * unified output -> barnyard -> whatever you would like (cvs, tcpdump, mysql, xml, pdf, word, etc - whatever is currently available)

    so rather than making snort do the 'whatever you want' process, you let barnyard do it. 

    and then there is you, the farmer, controlling the pigs (sensors) and cleaning out the barn :-) 

    - jon

    pgp key: http://www.jonbaer.net/jonbaer.asc
    fingerprint: F438 A47E C45E 8B27 F68C 1F9B 41DB DB8B 9A0C AF47


      ----- Original Message ----- 
      From: Tony Martin 
      To: snort-users () lists sourceforge net 
      Sent: Tuesday, August 05, 2003 2:06 PM
      Subject: [Snort-users] Barnyard output


      I am trying to figure out exactly what I can gain from installing barnyard. Would anybody be willing to either send me a piece of a barnyard log or a screen shot to take a look at? You can sanitize any info you don't want me to see, I would just like to see a real example of what it gives you.


      thanks

      Terry

