RE: Base Barnyard and Unified Logs

["Jim O'Leary" <j_oleary_langara () yahoo ca>]

Okay, so Barnyard can't take an ASCII Snort alert log and put it into MySQL.
Is there any other way to do that? Can Snort convert its own text alerts
into unified format? Is there another tool that will put Snort text alerts
into MySQL, or convert alerts into unified format?

-----Original Message-----
From: snort-users-admin () lists sourceforge net
[mailto:snort-users-admin () lists sourceforge net] On Behalf Of Michael
Scheidell
Sent: Monday, March 14, 2005 10:48 AM
To: Wes Young; snort-users () lists sourceforge net
Subject: RE: [Snort-users] Base Barnyard and Unified Logs


The issues is barnyard.

Barnyard only stores the sid, and THEN, reads sid-msg.map for signature
description.



-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_ide95&alloc_id396&op=ick
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=ort-users




-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_ide95&alloc_id396&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users