Feature #413
closed
Output database option for Windows
Description
Is it possible to have an output database option for Windows to send alerts directly to a MySQL or SQL Server database?
Updated by Victor Julien almost 13 years ago
We rely on Barnyard2 to do the database handling of our events. Adding the output support to Suricata is not planned. I think there is no point in duplicating the effort.
Updated by Michael Steele almost 13 years ago
Victor Julien wrote:
We rely on Barnyard2 to do the database handling of our events. Adding the output support to Suricata is not planned. I think there is no point in duplicating the effort.
Barnyard only works for Unix. There is no Barnyard type program for Windows.
Updated by Victor Julien almost 13 years ago
Did you try the latest Barnyard2 code under CYGWIN?
https://github.com/firnsy/barnyard2/commit/f71a8d3136970aef184bbab071532a23903584d2
Updated by Michael Steele almost 13 years ago
Victor Julien wrote:
Did you try the latest Barnyard2 code under CYGWIN?
https://github.com/firnsy/barnyard2/commit/f71a8d3136970aef184bbab071532a23903584d2
We can't support the install using CYGWIN. Hopefully in the future there will be something available to do this in native Windows mode.
Updated by Victor Julien almost 13 years ago
Suricata's (working) Windows support is based on CYGWIN as well. Native Windows support would be nice, although at this point it's not clear to me how much effort that would take.
Updated by Peter Manev almost 13 years ago
Hi,
The msi package that we have is actually independent - it has all the things you need to run Suricata (no need for any CYGWIN). It has the Suricata.exe (regular build aka no enabled debug mode ... etc., all the things that you can compile Suricata with) with yaml and the other files needed to run Suricata, which the msi pkg installs automatically.
If you would like to build from scratch (make your own build) - then you would need CYGWIN.
On the database output - would it be of any help if we have a config option (in yaml) to output the log files in csv format?
thanks
Updated by Peter Manev almost 13 years ago
@Michael Cox Steele - have you tried Barnyard under CYGWIN? Does it work?
Updated by Michael Steele almost 13 years ago
Peter Manev wrote:
@Michael Cox Steele - have you tried Barnyard under CYGWIN? Does it work?
I have absolutely no idea about CYGWIN. My impression is that CYGWIN is a way to compile Barnyard2 for Windows and then it's possible to create a standalone package that will run on Windows, like Suricata?
I'm unable to find a guide on how to compile Barnyard2 for Windows under CYGWIN.