Snort mailing list archives
Barnyard logging to database
From: Alexander Novokhatsky <alex.ontario () gmail com>
Date: Mon, 28 Sep 2009 14:27:30 -0400
Hello snort-users,

I have a Linux-based configuration of snort, logging to unified files:

output alert_unified: filename snort.alert, limit 128
output log_unified: filename snort.log, limit 128

I'd like to set up barnyard so that it sends only alerts to the database. But when I open these files I see that they are different, and barnyard can't process the snort.alert.12328198 file. It says that timestamp can't be NULL. If I configure it to process the snort.log.12328198 file, it's working fine.

Is it possible to configure it to process snort.alert files only? Maybe there should be some specific parameters when I start barnyard?

--
Best regards,
Alexander mailto:alex.ontario () gmail com