Snort / barnyard, please explain the feature for a noob
-
Hi Guys
So, I put snort on the pfsense after moving it to a physical machine again, and then I see that barnyard2 is included.
I can see from the description that it offloads the snort from doing the logging, and lets barnyard2 do it for it.
I also understand that it does it to a mysql db (so far).
I've created the database, and the db user.
But I don't see any tables created in the db, am I supposed to do that myself? If so, what tables?
Is the idea that I can read the logs from a workstation, or just from snort itself?
-
Huh!
Why on earth do you send a link on how to install it?
I know snort, I just wanted to find out why barnyard2 is a big advantage, as far as I can see it's only that it logs to a mysql server…
-
Well, I gave you that link because it gives you the necessary information to get barnyard2 up and running.
With barnyard2, not only does it make snort work faster by using mysql, it also allows you to use one of the many frontends for snort such as snorby.