Re: [Sguil-users] Problem with running processes on separate boxes using 0.6.0rc3
Status: Beta
Brought to you by:
bamm
From: Paul S. <pa...@ut...> - 2005-11-18 21:32:29
|
--On Friday, November 18, 2005 14:57:29 -0500 Richard Bejtlich <tao...@gm...> wrote: > > Hi Brian, > > Sguil 0.6.0 has a new communications architecture, something like this: > > Snort -> Barnyard -> sensor_agent.tcl -> sguild -> MySQL > > In other words, Barnyard does not talk directly to MySQL anymore. > This is going to take some serious reworking of the port that I just submitted to FreeBSD. Is this an interim step? Or the final config? Is barnyard eventually going to include the patches? Or will they always have to be applied to run sguil? (Since I'm also maintaining barnyard, this is of special interest to me.) Paul Schmehl (pa...@ut...) Adjunct Information Security Officer University of Texas at Dallas AVIEN Founding Member http://www.utdallas.edu/ir/security/ |