Re: Fwd: Snort not righting to DB

["Louis Bohm" <lbohm () adnexustx com>]

I am having a bad typing day.....

So now that I have barnyard running and snort (supposedly) righting to:
        output alert_unified: filename snort.alert, limit 256
        output log_unified: filename snort.log, limit 256

I have 4 interfaces on this machine.  One to communicate to it and 3 in
passive mode.  Snort is righting to
/var/log/snort/{interface}/snort.log.{some number}.  Is barnyard smart
enough to look in to all the interface directories and read the
snort.log file?  Or do I need to do something different?

Lastly, is Barnyard the best tool for loading the data in to the
database or would something like Syslog-NG be better?

Louis

~~
-------------------------------------
Louis Bohm
Network Administrator
Adnexus Therapeutics
781.209.2324
-------------------------------------

-----Original Message-----
From: Dirk Geschke [mailto:dirk () geschke-online de] 
Sent: Wednesday, June 20, 2007 11:02 AM
To: Louis Bohm
Cc: snort-users () lists sourceforge net
Subject: Re: [Snort-users] Fwd: Snort not righting to DB

Hi Louis

>  output log_aciddb: mysql, sensor_id 1, database snortDB, server
> localhost, user snortuser, password XXXXX, detail full

there is a typo, it must be "log_acid_db"...

Best regards

Dirk


-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users