Re: Barnyard2 to remote server

[Sherman Boyd <sherman () twocell com>]

> > Just have Snort or Barnyard output as syslog and have the syslog
> > server be your custom node.  Parsing syslog is trivial, and you can
> > the apply your HTML5 wrapper around it.  This will be the best
> > solution because you do not need to customize Snort or Barnyard--they
> > can be stock installations.  All of the custom code will be on your
> > custom node.

Thank you.  After turning off the 'last message repeated 37 times'
functionality in rsyslog that's working nicely.  If I decided that I
wanted the full packet data is there a way to do that with syslog, or
am I looking at writing a custom plugin for by2 at that point?


Best regards,

Sherman Boyd

------------------------------------------------------------------------------
EMC VNX: the world's simplest storage, starting under $10K
The only unified storage solution that offers unified management 
Up to 160% more powerful than alternatives and 25% more efficient. 
Guaranteed. http://p.sf.net/sfu/emc-vnx-dev2dev
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!