Snort mailing list archives

RE: More than one output module

From: "Joshua Berry" <jberry () PENSON COM>
Date: Thu, 15 Jul 2004 11:10:40 -0500

Maybe you are just overloading snort.  DB logging causes intensive CPU
by itself but doing it to two different DB's and also Syslog will
probably slow Snort down enough to miss things.

-----Original Message-----
From: snort-users-admin () lists sourceforge net
[mailto:snort-users-admin () lists sourceforge net] On Behalf Of Esler,
Joel - Contractor
Sent: Thursday, July 15, 2004 9:58 AM
To: snort-users () lists sourceforge net
Subject: [Snort-users] More than one output module

Has anyone experianced any problems with outputting to more than one
output module?  Is there a reason for it? Does the order matter?

I have Snort logging to mysql, oracle, and syslog.  But it seems when
syslog is turned, occasionally an alert will be missed in the db?

J

Current thread:

More than one output module Esler, Joel - Contractor (Jul 15)
- Re: More than one output module sekure (Jul 15)
- <Possible follow-ups>
- RE: More than one output module Joshua Berry (Jul 15)
- RE: More than one output module Esler, Joel - Contractor (Jul 15)
  - Re: More than one output module sekure (Jul 15)