Re: Performance... unified vs prelude

Both outputs can block but spo_unified is only gated by the disk whereas
spo_database can block for any db related reason. Given the choice
spo_unified is almost always preferred IMHO.

Martin Olsson wrote:
> 
> What do the snort community have to say about the difference between
> using unified logging (with barnyard) compared to using the prelude
> output plugin.
> 
> Is prelude slower than unified? Will the process be blocked as with
> spo_database? ...or is it as fast as unified logging?
> 
> /Martin
> 
> 
> -------------------------------------------------------
> This SF.Net email is sponsored by xPML, a groundbreaking scripting language
> that extends applications into web and mobile media. Attend the live
> webcast
> and join the prime developer group breaking into this new coding territory!
> http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
> _______________________________________________
> Snort-devel mailing list
> Snort-devel@xxxxxxxxxxxxxxxxxxxxx
> https://lists.sourceforge.net/lists/listinfo/snort-devel
> 


-------------------------------------------------------
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642