This video is a comparison between Snort and Suricata Network Intrusion Detection Systems. Suricata’s output is comprised of multiple files for each type of traffic. With the suricata.yaml file different output options can be configured. Some output data includes DNS logs, HTTP logs, Alerts, and full packet captures. Snort is configured to output all of its data in a non-human readable format .U2 for Barnyard2 to import into a MySQL database. Snorby (GUI) reads from this database to produce a graphical interface used to manage Snorts alerts.
Snort .VS. Suricata