Snort 2.9 on CentOS 6.3 (continued) with Barnyard2

This is a continuation of the post on installing Snort 2.9 on CentOS 6.4 (http://nkush.blogspot.com.au/2013/03/snort-29-on-centos-63.html). This post installs Barnyard2 on the host. Barnyard is an output system for Snort. It effectively allows better Snort performance by enabling Snort to produce binary output, which is then processed by Barnyard. Barnyard processes the binary Snort output files (unified2 binary) and stores the processed data in a database back-end, for example MySQL. The advantage of using Barnyard instead of the database output from Snort is that Barnyard is able to “cache” the data in case the database is unavailable.
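The following added example (not code from the original post or from Barnyard2) is a simplified model of why the spool file acts as that cache: a reader walks the unified2 records and only advances its bookmark past events the database accepted. The names `drain`, `parse_event`, `make_event` and `SPOOL` are hypothetical, and the sample records are constructed, not captured Snort output.

```python
import ipaddress
import struct

HEADER = struct.Struct(">II")               # record type, body length (big-endian)
IDS_EVENT = struct.Struct(">9I4s4sHHBBBB")  # legacy IPv4 event body, 52 bytes
TYPE_IDS_EVENT = 7

def parse_event(body):
    """Decode the fields of one IPv4 event record body."""
    f = IDS_EVENT.unpack_from(body)
    return {"event_id": f[1], "sid": f[4], "gid": f[5],
            "src": str(ipaddress.IPv4Address(f[9])),
            "dst": str(ipaddress.IPv4Address(f[10])),
            "sport": f[11], "dport": f[12], "proto": f[13]}

def drain(spool, offset, store):
    """Feed complete event records to store(); return the new bookmark.

    Stops, without advancing, at a record Snort has not finished writing
    or at the first record the database refuses, so nothing is lost.
    """
    while offset + HEADER.size <= len(spool):
        rtype, length = HEADER.unpack_from(spool, offset)
        body_start = offset + HEADER.size
        if body_start + length > len(spool):
            break                            # partial record, retry later
        if rtype == TYPE_IDS_EVENT and length >= IDS_EVENT.size:
            try:
                store(parse_event(spool[body_start:body_start + length]))
            except ConnectionError:
                break                        # database down: keep bookmark here
        offset = body_start + length         # other record types are skipped
    return offset

def make_event(event_id, sid, src, dst, sport, dport):
    """Build a constructed sample record (not captured Snort output)."""
    body = IDS_EVENT.pack(1, event_id, 1363000000, 0, sid, 1, 1, 0, 2,
                          ipaddress.IPv4Address(src).packed,
                          ipaddress.IPv4Address(dst).packed,
                          sport, dport, 6, 0, 0, 0)
    return HEADER.pack(TYPE_IDS_EVENT, len(body)) + body

# Constructed spool: two TCP events from documentation address ranges.
SPOOL = (make_event(1, 1000001, "192.0.2.10", "198.51.100.5", 40000, 80)
         + make_event(2, 1000002, "192.0.2.11", "198.51.100.5", 40001, 22))
```

Calling `drain(SPOOL, 0, store)` with a `store` that raises `ConnectionError` returns the unchanged bookmark, so the same events are offered again once the database is back.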
