Snort mailing list archives

Re: Snort and multiple logging
From: Eoin Miller <eoin.miller () trojanedbinaries com>
Date: Wed, 06 Oct 2010 15:57:13 +0000

On 10/6/2010 5:48 PM, egoitz () ramattack net wrote:
> Hi all,
>
> But I needed to generate file logs in order for OSSEC to be configured to
> read them and do active responses... (OSSEC AFAIK doesn't read from
> mysql) and wanted to have a web GUI for real-time monitoring of the status of
> intrusion activity and so on... are those barnyard2 files able to be read by
> OSSEC? Or could I tell barnyard2 to send the logs to one remote syslog server
> (for OSSEC to be able to read them) and also... to a mysql server for
> BASE to read them and display moment statistics??
>
> Thanks a lot for all your help.

Snort Alert -> unified2 output -> barnyard2 reads it -> barnyard2 outputs to mysql, syslog, and more

Just read about it and play with it.


-- Eoin
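
The pipeline described in the reply above, as an added configuration sketch that is not part of the original message or of either project's shipped files. All paths, host names, the sensor name, the database credentials and the syslog facility/priority are placeholder assumptions.

```conf
# --- snort.conf (on the sensor) ---
# Snort only writes binary unified2 records; barnyard2 does the slower
# output work. File name and size limit (MB) are assumed values.
output unified2: filename snort.u2, limit 128

# --- barnyard2.conf ---
# Map files barnyard2 needs to turn gid/sid pairs back into rule
# messages, classifications and references (assumed paths).
config reference_file:      /etc/snort/reference.config
config classification_file: /etc/snort/classification.config
config gen_file:            /etc/snort/gen-msg.map
config sid_file:            /etc/snort/sid-msg.map

# Sensor identity stored with each event (assumed values).
config hostname:  sensor1
config interface: eth0

# Bookmark file: after a restart barnyard2 resumes from the last record
# it processed instead of replaying the whole spool.
config waldo_file: /var/log/snort/barnyard2.waldo

# Read the unified2 spool written by Snort.
input unified2

# Output 1: alerts to the local syslog daemon, where a log-based tool
# such as OSSEC can read them. Forwarding to a remote syslog server is
# left to the local syslog daemon here (an assumption about the setup).
output alert_syslog: LOG_AUTH LOG_ALERT

# Output 2: the same events to MySQL for a web front end such as BASE.
# The password is stored in clear text, so keep this file readable only
# by the account barnyard2 runs as.
output database: log, mysql, user=snort password=CHANGE_ME dbname=snort host=db.example.internal
```

With these assumed paths, barnyard2 would be started against the spool with `barnyard2 -c /etc/snort/barnyard2.conf -d /var/log/snort -f snort.u2`.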
