[Snort-users] Snort and barnyard status

TIannotti at ...12637... TIannotti at ...12637...
Mon Nov 8 07:03:54 EST 2004


>Message: 1
>From: Sean Brown <sblinux at ...9344...>
>To: snort-users at lists.sourceforge.net
>Subject: Re: [Snort-users] Snort and barnyard status
>Date: Fri, 5 Nov 2004 21:03:17 -0700
> 
>On November 4, 2004 1:15 pm, Lance Boon wrote:
>> What I'm looking for is an easy for users other than myself (in
>> particular my boss) to be able to look at a webpage and determine the
>> status of a particular snort sensor if the snort and barnyard processes
>> are running. I'm not sure of the best way to handle this right now what
>> ..snip..
> 
> I run snort on my firewall, which is a OpenBSD machine. I use Net-SNMP 
to 
> monitor both. There is a simple line in the snmpd.conf to tell it what 
> process to monitor, and how many should be running (min/max). You can 
then 
> configure traps to send and alert you if any of them die if you wish to. 
Any 
>> ..snip..

Big Brother (http://www.bb4.org/) also works very well for this, and once 
set up is a great framework for monitoring many other aspects, including 
graphing trends.





More information about the Snort-users mailing list