On Thu, Feb 07, 2002 at 09:22:33PM +0100, Mike Blomgren wrote:
> However, judging from the responses so far, I think the best bet is to
> save the actual loglines that are used for the statistics, and that
> contain any 'interesting' information. This would reduce the required
> information to 1% of the original logsize, at least. Some information
> will get lost, but the majority of it ought to be in the extract.

I'm wondering on the feasibility of merging syslog data into the Snort IDS
SQL database. I think its database is complex enough to handle this sort of
data, and Web interfaces like ACID would make the data quite presentable...

-- 
Cheers

Jason Haar
Information Security Manager
Trimble Navigation Ltd.
Phone: +64 3 9635 377
Fax: +64 3 9635 417
This archive was generated by hypermail 2b30 : Thu Feb 07 2002 - 17:19:23 PST