Do you have a question? Post it now! No Registration Necessary. Now with pictures!
November 18, 2006, 2:14 pm
rate this thread
Barnyard MySQL and BASE, probably on OpenBSD. I have installed/compiled
all modules on one computer, to confirm that they will work together
(with snortsam and using OpenBSD "pf").
I have some notion, but still am a bit unsure where to install the
different modules for sufficient performance for a live network.
Searched the web but could not find any guides. I put Snort on the
sensors and MySQL on a central server, but where do I put Barnyard and
BASE for adequate performance? (On each sensor, the database server or a
separate "transport"/webserver computer?)
I could test it myself, but I guess people have done it before and have
some experience to share. I have a number of different computers, with
varying specs and room for 3-4 NICs. What I'm looking for is a general
guide with some info on what load Barnyard and BASE generate on CPU, and
the data stream load (log file reading vs. database update).
- » Which Certification track is better? ISACA vs. ISC2 vs. SANS vs...?
- — Previous thread in » General Computer Security