Configuring SNORT in SPLUNK

1. Download the Snort plugin for Splunk, then choose Manager, then Data inputs.
2. Make a new data file input, pointing the data path to your barnyard2/alert file.



3. Edit the host field value to match your Snort host name, and set the source type value to snort_alert_full.

4. View the result.
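A pre-check for steps 2 and 3, added here as an example and not part of the original page or the Splunk plugin: it splits alert text into records and confirms the file is in the multi-line full alert format that the snort_alert_full source type name refers to. The sample alerts are constructed, and the function names are hypothetical.

```python
import re

# Constructed sample of Snort "full" alert output (not taken from the page).
SAMPLE = """\
[**] [1:1000001:1] ICMP echo request [**]
[Classification: Misc activity] [Priority: 3]
01/15-10:22:33.123456 192.0.2.10 -> 192.0.2.1
ICMP TTL:64 TOS:0x0 ID:0 IpLen:20 DgmLen:84

[**] [1:1000002:2] Inbound SSH connection [**]
[Classification: Attempted Administrator Privilege Gain] [Priority: 1]
01/15-10:23:01.000042 198.51.100.7:51514 -> 192.0.2.1:22
TCP TTL:52 TOS:0x0 ID:4242 IpLen:20 DgmLen:60 DF
"""

HEADER = re.compile(r"^\[\*\*\] \[(\d+):(\d+):(\d+)\] (.*?) \[\*\*\]$")
PRIORITY = re.compile(r"\[Priority: (\d+)\]")
FLOW = re.compile(r"^(\d\d/\d\d-\d\d:\d\d:\d\d\.\d+) (\S+) -> (\S+)$")

def parse_alert_full(text):
    """Split full-format alert text into one dict per alert record."""
    alerts, current = [], None
    for line in text.splitlines():
        line = line.strip()
        m = HEADER.match(line)
        if m:  # a "[**] [gid:sid:rev] msg [**]" line starts a new record
            current = {"gid": int(m[1]), "sid": int(m[2]),
                       "rev": int(m[3]), "msg": m[4]}
            alerts.append(current)
        elif current is not None:
            if (p := PRIORITY.search(line)):
                current["priority"] = int(p[1])
            elif (f := FLOW.match(line)):
                current["time"], current["src"], current["dst"] = f.groups()
    return alerts

def looks_like_alert_full(text):
    """True when at least one record exists and each has a flow line."""
    alerts = parse_alert_full(text)
    return bool(alerts) and all("src" in a for a in alerts)

if __name__ == "__main__":
    for alert in parse_alert_full(SAMPLE):
        print(alert)
    print("full format:", looks_like_alert_full(SAMPLE))
```

If the check fails on your own alert file, the file is probably in a single-line format and the source type chosen in step 3 will not break events correctly.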
