Snort mailing list archives

Re: Barnyard2 configuration and event generation


From: waldo kitty <wkitty42 () windstream net>
Date: Wed, 19 Dec 2012 13:16:03 -0500


sometimes less is more... why go thru all the twists and turns when it seems 
that all you want is to list what is in the alert file? the alert file is a 
plain ascii text file that is easily parsed with perl (or most any other text 
parsing language or tools)... you can then output whatever you want from 
there... this is basically what the Guardian Active Response system does... 
however, its main goal is to manage blocked IPs by adding and removing them from 
the firewall's iptables and to do it all automatically...

if you need some details on parsing the alert file, just ask... it really is 
very simple...
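
The alert-file parsing described above, as an added example that is not part of the original post: it is written in Python rather than Perl and assumes the file uses Snort's one-line `alert_fast` layout. The sample lines, SIDs, rule messages and addresses are constructed, and the function names are hypothetical.

```python
import re
from collections import Counter

# Constructed sample in the alert_fast layout (assumption: one alert per line).
SAMPLE = """\
12/19-13:16:03.104512  [**] [1:1000001:1] constructed UDP probe rule [**] [Classification: Misc Attack] [Priority: 2] {UDP} 198.51.100.7:1042 -> 192.0.2.10:1434
12/19-13:16:04.220001  [**] [1:1000002:3] constructed ICMP ping rule [**] [Classification: Misc activity] [Priority: 3] {ICMP} 198.51.100.7 -> 192.0.2.10
12/19-13:16:05.000321  [**] [1:1000003:1] constructed local test rule [**] [Priority: 3] {TCP} 203.0.113.5:51234 -> 192.0.2.10:80
this line is not an alert and is skipped
"""

ALERT_RE = re.compile(
    r"^(?P<ts>\d\d/\d\d(?:/\d\d)?-\d\d:\d\d:\d\d\.\d+)\s+"      # MM/DD[/YY]-time
    r"\[\*\*\]\s+\[(?P<gid>\d+):(?P<sid>\d+):(?P<rev>\d+)\]\s+"  # [gid:sid:rev]
    r"(?P<msg>.*?)\s+\[\*\*\]\s+"                                # rule message
    r"(?:\[Classification:\s*(?P<cls>[^\]]+)\]\s+)?"             # optional field
    r"\[Priority:\s*(?P<prio>\d+)\]\s+"
    r"\{(?P<proto>[^}]+)\}\s+(?P<src>\S+)\s+->\s+(?P<dst>\S+)\s*$"
)

def split_endpoint(ep):
    """Split 'ip:port' into (ip, port); ICMP endpoints carry no port."""
    host, sep, port = ep.rpartition(":")
    if sep and port.isdigit() and "." in host:  # IPv4 only in this example
        return host, int(port)
    return ep, None

def parse_alerts(text):
    """Return one dict per alert line; lines that do not match are skipped."""
    alerts = []
    for line in text.splitlines():
        m = ALERT_RE.match(line.strip())
        if not m:
            continue
        a = m.groupdict()
        for key in ("gid", "sid", "rev", "prio"):
            a[key] = int(a[key])
        a["src_ip"], a["src_port"] = split_endpoint(a.pop("src"))
        a["dst_ip"], a["dst_port"] = split_endpoint(a.pop("dst"))
        alerts.append(a)
    return alerts

def top_sources(alerts):
    """Count alerts per source address, most frequent first."""
    return Counter(a["src_ip"] for a in alerts).most_common()

if __name__ == "__main__":
    for a in parse_alerts(SAMPLE):
        print(a["ts"], a["sid"], a["proto"], a["src_ip"], "->", a["dst_ip"], a["msg"])
    print(top_sources(parse_alerts(SAMPLE)))
```
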
