[Snort-users] Real time alerting with multiple sensors
Semerjian.Ohanes at ...4899...
Tue Feb 19 22:27:09 EST 2002
Let the Snort machines log into one machine that runs a database, either MySQL
and run ACID on the same machine that you run the database on.
From: Federico [mailto:egopfe at ...125...]
Sent: Wednesday, 13 February 2002 20:08
To: Snort-users at lists.sourceforge.net
Subject: [Snort-users] Real time alerting with multiple sensors
I have this problem, and this doubt about resolving it...
Which is the best choice to have real-time feedback in my scenario?
Please tell me which is the best choice.
+ About 10 sensors in a routed MAN.
+ Need to log to PostgreSQL for historical purposes.
+ Need to have real-time feedback.
Naturally I want to concentrate logs in one server, and not to keep them
Solutions for real time feedback:
1) SNMP traps to central server, snmptrapd scripted to send alerts by e-mail
(does anyone know of a program to attach to snmptrapd?)
2) syslogd-ng from all sensors to central server, incident.pl run by
crond every 5 seconds and alerting by e-mail.
Which is the best solution?
Does anyone have other solutions and/or some programs that can help me?
Thanks in advance.