[Snort-users] Snort and barnyard status

Jose Maria Lopez jkerouac at ...12346...
Sat Nov 6 10:04:13 EST 2004


El jue, 04 de 11 de 2004 a las 21:15, Lance Boon escribió:
> What I'm looking for is an easy for users other than myself (in
> particular my boss) to be able to look at a webpage and determine the
> status of a particular snort sensor if the snort and barnyard processes
> are running. I'm not sure of the best way to handle this right now what
> I do is just ssh to the box do a ps -ef|grep snort and see both barnyard
> and the snort processes running. What I would like to be able to do is
> automate this by either having my graphing server ssh to each box, do
> the ps -ef|grep snort, and get these results back then put these results
> in a webpage to view then, maybe even send an e-mail alert if a process
> isn't running when it should be, or even have something set to start
> that process if it isn't running. But right now my main focus is just to
> get the results back to the webpage to be displayed and have this run as
> a process every min or so. Any assistance or pointers in the right
> direction would greatly be appreciated.

The best solution for this is using some kind of automated tool
to check the services. The best I know it's nagios, and mon it's
also a good choice. Both have web interfaces and can send mail
to give you alerts.

-- 
Jose Maria Lopez Hernandez
Director Tecnico de bgSEC
jkerouac at ...12346...
bgSEC Seguridad y Consultoria de Sistemas Informaticos
http://www.bgsec.com
ESPAÑA

The only people for me are the mad ones -- the ones who are mad to live,
mad to talk, mad to be saved, desirous of everything at the same time,
the ones who never yawn or say a commonplace thing, but burn, burn, burn
like fabulous yellow Roman candles.
                -- Jack Kerouac, "On the Road"





More information about the Snort-users mailing list