Snort mailing list archives

Re: Reading to MySQL


From: "Joel Esler (jesler)" <jesler () cisco com>
Date: Mon, 26 Oct 2015 18:33:44 +0000

Totally not the question asked.

--
Joel Esler
Manager, Talos Group




On Oct 26, 2015, at 2:07 PM, Ryan <ryan () organizedvillainy com> wrote:

Attached is a Ruby script I wrote a while ago that watches your Suricata
unified log and transmits it to syslog. You could easily manipulate this
into injecting into MySQL instead.

_R

On 10/26/15 1:00 PM, wkitty42 () windstream net wrote:

On 10/26/2015 12:22 PM, Adonis Okpidi wrote:

Please I was wondering what the process is to generate alerts to a MySQL database?

you have to configure snort to use unified logging as well as installing
barnyard2 to read the unified log and emit it to the database...


<unified_watcher.rb>

------------------------------------------------------------------------------
_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
http://www.snort.org


Please visit http://blog.snort.org for the latest news about Snort!

Attachment: signature.asc
Description: Message signed with OpenPGP using GPGMail
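
The following is an added example, not part of the thread and not the attached unified_watcher.rb: a Ruby reader that walks unified2 records and turns IPv4 events into bind values for a parameterized MySQL insert, the job barnyard2 does in the setup described above. It assumes the legacy unified2 IPv4 event record (type 7, 52-byte body, big-endian fields); the `alerts` table and its columns are hypothetical, and the sample bytes are constructed.

```ruby
require 'ipaddr'
require 'stringio'

U2_IDS_EVENT = 7 # legacy IPv4 event record; body is 52 bytes (assumed layout)

# Hypothetical flat table; barnyard2's real schema is normalized differently.
INSERT_SQL = 'INSERT INTO alerts (ts, gid, sid, rev, priority, src, sport, ' \
             'dst, dport, proto) VALUES (FROM_UNIXTIME(?),?,?,?,?,?,?,?,?,?)'

# Yield [type, body] for each complete record. Every record starts with an
# 8-byte header: type and body length, both 32-bit big-endian.
def each_u2_record(io)
  return enum_for(:each_u2_record, io) unless block_given?
  while (hdr = io.read(8)) && hdr.bytesize == 8
    type, len = hdr.unpack('NN')
    body = io.read(len)
    # A short read means the sensor is still writing this record: stop rather
    # than parse a fragment (a tailer would re-read from this record later).
    break if body.nil? || body.bytesize < len
    yield [type, body]
  end
end

# Decode one event body into bind values, in INSERT_SQL column order.
def event_row(body)
  # sensor, event_id, sec, usec, sid, gid, rev, class, prio, src, dst,
  # sport, dport, proto, then three flag bytes that are not stored here
  f = body.unpack('N11n2C4')
  src, dst = f[9], f[10]
  [f[2], f[5], f[4], f[6], f[8],
   IPAddr.new(src, Socket::AF_INET).to_s, f[11],
   IPAddr.new(dst, Socket::AF_INET).to_s, f[12], f[13]]
end

def alert_rows(io)
  each_u2_record(io)
    .select { |type, body| type == U2_IDS_EVENT && body.bytesize >= 52 }
    .map { |_, body| event_row(body) }
end

# Constructed sample: one complete event, then a record cut off mid-write.
EVENT = [1, 42, 1_445_884_424, 0, 2_100_498, 1, 7, 0, 2,
         IPAddr.new('192.0.2.10').to_i, IPAddr.new('198.51.100.5').to_i,
         34_567, 80, 6, 0, 0, 0].pack('N11n2C4')
SAMPLE = [U2_IDS_EVENT, EVENT.bytesize].pack('NN') + EVENT +
         [2, 100].pack('NN') + 'trunc'

alert_rows(StringIO.new(SAMPLE)).each { |row| puts row.inspect }
```

With the mysql2 gem, each row would be bound to a prepared statement built from `INSERT_SQL`, so alert fields are never concatenated into SQL text.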
