Correct... I am reading one for each... (Alert and Log) they just use
the same config file...
And each type is being handled properly...
Let me clarify:
DB1: Alert
DB2: Log
DB3: Alert_archive
DB4: Log_archive
Now: DB1 and DB2 are being populated by 2 different instances of barnyard
properly, DB3 and DB4 are getting nothing. (They are basically mirror
databases).
According to: http://www.snort.org/docs/faq/1Q05/node88.html
it seems like it should have no problem being done (The log instance
outputs to DB2 and DB4, and Alert instance outputs to DB1 and DB3)
Bamm Visscher wrote:
> You'd have to run two instances of barnyard to do that. Barnyard can
> only process one type of spool file at a time (unified alert or
> unified log).
>
> Bammkkkk
>
> On 5/24/05, Wes Young <wcyoung@xxxxxxxxxxx> wrote:
>
> Has anyone had success with this in the barnyard config:
>
> output alert_acid_db: mysql, sensor_id 1, database snort, server
> localhost, user snort, password pass
> output log_acid_db: mysql, database snort_log, server localhost, user
> snort, detail full, password pass
>
> output alert_acid_db: mysql, sensor_id 1, database snort_archive_alert,
> server localhost, user snort, password pass
> output log_acid_db: mysql, sensor_id 1, database snort_archive_log,
> server localhost, user snort, detail full, password pass
>
>
> It writes to the first set of DBs ok... but nothing gets to the second
> set.... no errors, nothing.
>
_______________________________________________
Barnyard-users mailing list
Barnyard-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/barnyard-users
--
Wes Young
Network Security Analyst
University at Buffalo
GPG Key: http://saxjazman9-security.blogspot.com/2005/01/gpg-key.html