[Snort-users] Project PigRoast and logging...

Joe Magee me at ...297...
Mon Oct 9 14:52:55 EDT 2000


Hey max, I haven't really introduced myself before however I'm a fan of your site. I was wondering what thoughts you have about Project PigRoast thing I'm working on. have you seen something like this done before? do you currently do any remote logging or log collaboration? I'm trying to play with the best way to go about doing this. 

http://www.joemagee.com/projectpigroast.htm

What I would like to do is have all my snort machines log back to a single host. then have that host either run snortsnarf and present all log material in html format or transport the logs somewhere where they can be viewed. One of my most important goals is to be able to hand the monitoring job over to a "sysops" type of person who will watch the logs and respond accordingly, so what I need to do is get the data a "console" for monitoring so I can then start writing respond and react type of policies. 

any ideas?

Thanks

Joe Magee
Information Security Engineer



More information about the Snort-users mailing list