Bro log into MySQL

Anton Chuvakin, Ph.D. anton at netForensics.com
Tue Nov 11 09:21:45 PST 2003


>I am wondering whether anyone has tried direct bro log into mysql table or not.
Well, what do you mean by "log"? All contents of all files or alert.log
contents only?

I was thinking of doing the same thing for MySQL logging, but there seems
to be little value in that: the logs are pretty much free form text and no
sensible schema can be designed. RDBMS will be just as good as a plain
text file...

>Otherwise I will create simple perl/DBI interface by myself.
Do share the code, if/when its created.

-- 
Anton Chuvakin, Ph.D., GCIA, GCIH
Senior Security Analyst
Product Management Group
netForensics -  http://www.netForensics.com
732-393-6071



More information about the Bro mailing list