<div dir="ltr">I think the first thing to install is the database, but there is no script to create tables, as with Snort!!<br>and no "<b># output alert_unified: filename snort.alert, limit 128<br></b><div style="margin-left: 40px;">
<b> # output log_unified: filename snort.log, limit 128</b><br></div>in suricata.yaml we don't have any reference!<br>or we do not need to indicate this, files are already unified2<br><br>Also to get Barnyard's Output
<ul><li><b>Log_acid_db :</b> database type (MySQL)
</li><li><b>Database :</b> name of the Snort database (snort)
</li><li><b>Server :</b> server name (localhost)
</li><li><b>User :</b> user name for connecting to the Snort database
</li><li><b>Password :</b> associated password
</li><li><b>Detail :</b> level of detail (full)
</li></ul>I should already have a database!!<br>so what is its structure!!!<br><br>thanks.<br><br><span style="color: rgb(192, 192, 192);">Anas</span><br><br><div class="gmail_quote">2010/6/22 Brant Wells <span dir="ltr"><<a href="mailto:bwells@tfc.edu">bwells@tfc.edu</a>></span><br>
<blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">I would recommend starting with BASE from <div><span style="font-family: arial,sans-serif; font-size: 13px; border-collapse: collapse; color: rgb(80, 0, 80);"><br>
</span></div><div><span style="font-family: arial,sans-serif; font-size: 13px; border-collapse: collapse; color: rgb(80, 0, 80);">>> <a href="http://base.secureideas.net/" style="color: rgb(42, 93, 176);" target="_blank">http://base.secureideas.net/</a></span></div>
<div><font color="#500050" face="arial, sans-serif"><span style="border-collapse: collapse;"><br></span></font></div><div><font face="arial, sans-serif"><span style="border-collapse: collapse;">Follow the documentation from there and get the web pages to load (of course, there won't be any information in them).</span></font></div>
<div><font face="arial, sans-serif"><span style="border-collapse: collapse;"><br></span></font></div><div><font face="arial, sans-serif"><span style="border-collapse: collapse;">That will be a start. Once you get that installed, write back and we can give you some pointers for getting Barnyard working with Suricata.</span></font></div>
<div><font face="arial, sans-serif"><span style="border-collapse: collapse;"><br></span></font></div><div><font face="arial, sans-serif"><span style="border-collapse: collapse;">See yas!<br>
~Brant</span></font></div><div><font face="arial, sans-serif"><span style="border-collapse: collapse;"><br></span></font></div><div><br><div class="gmail_quote"><div><div></div><div class="h5">On Tue, Jun 22, 2010 at 12:22 PM, Anas.B <span dir="ltr"><<a href="mailto:a.bouhsaina@gmail.com" target="_blank">a.bouhsaina@gmail.com</a>></span> wrote:<br>
</div></div><blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;"><div><div></div><div class="h5"><div dir="ltr">Please, can you guide me, where can I find the Install solution? (with Suricata)<br>
<br><br>Thank you.<br><br>
<div class="gmail_quote">2010/6/22 Will Metcalf <span dir="ltr"><<a href="mailto:william.metcalf@gmail.com" target="_blank">william.metcalf@gmail.com</a>></span><div><br>
<blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">Yes they do. But you can use barnyard/barnyard2 to feed the respective<br>
databases using the unified/unified2 output from suricata.<br>
<br>
Regards,<br>
<font color="#888888"><br>
Will<br>
</font><div><div></div><div><br>
On Tue, Jun 22, 2010 at 10:13 AM, Martin Spinassi<br>
<<a href="mailto:martins.listz@gmail.com" target="_blank">martins.listz@gmail.com</a>> wrote:<br>
> On Tue, 2010-06-22 at 09:43 -0500, Will Metcalf wrote:<br>
>> You can use anything that will take output from barnyard or can handle<br>
>> unified/unified2 output natively. These tend to be the most popular<br>
>> ones I think, although I'm sure there are many more.<br>
>><br>
>> <a href="http://base.secureideas.net/" target="_blank">http://base.secureideas.net/</a><br>
>> <a href="http://snorby.org/" target="_blank">http://snorby.org/</a><br>
>> <a href="http://sguil.sourceforge.net/" target="_blank">http://sguil.sourceforge.net/</a><br>
>><br>
>> Regards,<br>
>><br>
>> Will<br>
><br>
> Will,<br>
><br>
> AFAIK, those GUI tools need a database to gather Suricata's statistics,<br>
> but suricata works with plain logs, not with a db, am I right?<br>
><br>
><br>
> Regards,<br>
><br>
> Martin<br>
><br>
><br>
</div></div></blockquote></div></div><br></div>
<br></div></div><div class="im">_______________________________________________<br>
Oisf-users mailing list<br>
<a href="mailto:Oisf-users@openinfosecfoundation.org" target="_blank">Oisf-users@openinfosecfoundation.org</a><br>
<a href="http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users" target="_blank">http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users</a><br>
<br></div></blockquote></div><br></div>
</blockquote></div><br></div>