[Snort-users] Snort alerts to SNMP

Roy S. Rapoport snort-users at ...9230...
Wed May 21 18:25:05 EDT 2003


On Wed, May 21, 2003 at 09:00:52PM -0400, Rafeeq Rehman wrote:
> I don't have experience with Nagios but it works very well with HP OpenView
> (I tested with Network Node Manager). Yes, you can do some trend analysis
> based upon traps/alerts. However, I don't recommend to merge Snort data with
> any production network monitoring system. False alarms do occur which may
> panic operators in production environment.

I'm not sure I understand -- if you're using Snort as an IDS (Intrusion
Detection System) shouldn't you be panicing, or at least responding
vigorously, in the case of an alarm?

-roy




More information about the Snort-users mailing list