Snort mailing list archives
Re: clarification between barnyard2 and snort
From: Joel Esler <jesler () sourcefire com>
Date: Sun, 9 Oct 2011 00:57:21 -0400
On Oct 7, 2011, at 7:04 PM, MLP SCADA wrote:

> Trying to configure barnyard2 to work with snort. Am passing familiar with snort. Not so much barnyard2.

Output from Snort in unified2. Barnyard2 will read the unified2 and output into the method you wish.

> Is barnyard2 still considered good practice to use? Is it a viable project, or is there something else folks are preferring to use now? Does barnyard2 want to look in snort.log files? Or in alert files? Googling is not conclusive; have seen evidence of both, and some wild things also.

Nope, barnyard2 is perfect. See above.

--
Joel Esler
Senior Research Engineer, VRT
OpenSource Community Manager
Sourcefire
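The reply above says barnyard2 reads Snort's unified2 output, which is a binary record stream and not a text alert file. As an added example (not part of the original message and not Snort or barnyard2 code), this Python sketch walks such a stream and decodes legacy IPv4 event records. The record layout follows Snort's Unified2 header definitions, the function names are hypothetical, and the sample bytes are constructed.

```python
import io
import socket
import struct

# Record type numbers as defined in Snort's Unified2 headers.
RECORD_TYPES = {2: "PACKET", 7: "IDS_EVENT", 72: "IDS_EVENT_IPV6",
                104: "IDS_EVENT_VLAN", 105: "IDS_EVENT_IPV6_VLAN", 110: "EXTRA_DATA"}
HEADER = struct.Struct(">II")               # record type, payload length (big-endian)
IDS_EVENT = struct.Struct(">9I4s4sHHBBBB")  # legacy IPv4 event body, 52 bytes

def read_records(stream):
    """Yield (type, payload) per record; stop cleanly on a partial tail."""
    while True:
        head = stream.read(HEADER.size)
        if len(head) < HEADER.size:
            return  # end of file, or the writer is mid-record: retry later
        rtype, length = HEADER.unpack(head)
        payload = stream.read(length)
        if len(payload) < length:
            return  # truncated record: never pass partial data downstream
        yield rtype, payload

def decode_event(payload):
    """Decode the fields an alert output would need from a type 7 record."""
    f = IDS_EVENT.unpack_from(payload)
    return {"event_id": f[1], "time": f[2], "sid": f[4], "gid": f[5], "rev": f[6],
            "priority": f[8], "src": socket.inet_ntoa(f[9]),
            "dst": socket.inet_ntoa(f[10]), "sport": f[11], "dport": f[12], "proto": f[13]}

def summarize(stream):
    """Return (decoded IPv4 events, count of records per type name)."""
    events, counts = [], {}
    for rtype, payload in read_records(stream):
        name = RECORD_TYPES.get(rtype, f"UNKNOWN_{rtype}")
        counts[name] = counts.get(name, 0) + 1
        if rtype == 7 and len(payload) >= IDS_EVENT.size:
            events.append(decode_event(payload))
    return events, counts

def sample_spool():
    """Constructed sample: one event, one packet record, one record cut short."""
    event = IDS_EVENT.pack(1, 42, 1318136241, 0, 1000001, 1, 3, 0, 2,
                           socket.inet_aton("192.0.2.10"), socket.inet_aton("198.51.100.5"),
                           49152, 502, 6, 0, 0, 0)
    packet = b"\x00" * 28  # constructed placeholder body for a packet record
    return (HEADER.pack(7, len(event)) + event + HEADER.pack(2, len(packet)) + packet
            + HEADER.pack(7, 52) + b"\x00" * 10)  # tail truncated, as if mid-write

if __name__ == "__main__":
    print(summarize(io.BytesIO(sample_spool())))
```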