Snort mailing list archives

problems with barnyard, snort and mysql


From: Kevin Smith <kjsmith () tm net>
Date: Fri, 11 Mar 2005 14:22:59 -0500

Hey everyone,

I already posted this on the forums, but I noticed that I was accepted into the mailing list, so I will also write it here as well; never hurts to cover all of your bases ;D. I am configuring a server that is using Snort to examine traffic that would normally be deleted. By that, I mean traffic whose IP does not resolve to a valid location. We are using this information to detect possible users with viruses on their machines. My question is: what is a good configuration for Snort and Barnyard to work with MySQL? All the information I really need in the database is the source IP and port, destination IP and port, and the time that the packet was received. I am guessing that the '-A fast' option will take care of that part. So what should I have Snort log to, what should Barnyard pick up, and how do I export it to the database? I have tried a few different ways and I haven't had any luck. Thanks in advance for any solutions to my problem.

Kevin
Here is what my system is running:
SimplyMepis
MySQL -- Ver 14.7 Distrib 4.1.10, for pc-linux-gnu (i386)
Snort -- 2.2.0
Barnyard -- Version 0.2.0 (Build 32)
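One way to wire the three pieces together for the versions listed above, as an added example that is not from the post or from the Snort/Barnyard projects: Snort writes unified alert files, Barnyard reads them and inserts into MySQL via its alert_acid_db output plugin, and the ACID schema's event/iphdr/tcphdr/udphdr tables hold the timestamp, addresses and ports. The directive names are assumed from Barnyard 0.2.x; the hostname, interface, database name, user, password and paths are placeholders.

```conf
# --- snort.conf (assumed directive; replaces console-style -A fast output) ---
# Snort writes alerts in its unified binary format; Barnyard spools from these
# files rather than from the one-line "fast" alert text.
output alert_unified: filename snort.alert, limit 128

# --- barnyard.conf (assumed directives for Barnyard 0.2.x) ---
# hostname + interface identify this sensor's row in the ACID "sensor" table.
config hostname: sensor01      # placeholder
config interface: eth0         # placeholder
# dp_alert decodes the unified alert stream (dp_log would be needed for
# full packet logs; alerts alone carry IPs, ports and timestamps).
processor dp_alert
# Insert each alert into MySQL using the ACID schema; "detail full" keeps
# the IP and transport headers, which is where src/dst IP and ports live.
output alert_acid_db: mysql, sensor_id 1, database snort, server localhost, user snort, password CHANGEME, detail full

# --- start-up (assumed flags): spool directory, base filename, and a waldo
# file that records the read position so a restart does not re-insert events.
# barnyard -c /etc/snort/barnyard.conf -d /var/log/snort -f snort.alert -w /var/log/snort/barnyard.waldo
```

Give the snort MySQL user only INSERT/SELECT on the snort database, since Barnyard never needs to drop or alter tables.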


Snort-users mailing list
Snort-users () lists sourceforge net