[Snort-users] snort + aris

Ryan Russell ryan at ...35...
Fri May 11 14:46:51 EDT 2001


Was the question regarding how to get Snort running, or how to get it to
feed to ARIS?

			Ryan

On Fri, 11 May 2001, Ron 'The InSaNe One' Rosson wrote:

> I am getting ready to reset up aris on my network but I am confused on
> what my command line should be.
>
> Here is my basic setup:
>
> IDS system logging to a remote Database
>
> Command line for snort is:
> /usr/local/bin/snort -D -d -c /etc/snort.rules
>
> Here is the output part of my  snort.rules file
>
> output database: alert, mysql, user=nobody dbname=snort host=postal
>
>





More information about the Snort-users mailing list