Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Baryard2 logging multiple messages at once

    IDS/IPS
    1
    1
    677
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • G
      goosen8r
      last edited by

      New to Snort and Barnyard2 here, but I have a question about how it is logging messages. I have a Splunk instance receiving syslog messages from Barnyard2, but I see multiple alerts in each message that Barnyard2 is sending - sometimes up to 100+ alerts. Is this normal? I would rather have it send a separate message for each alert for trending purposes.

      Thanks in advance for the help.

      1 Reply Last reply Reply Quote 0
      • First post
        Last post