[Snort-users] Creating sensors and distributed IDS
j.riden at ...11179...
Wed Nov 10 10:15:08 EST 2004
"Смородникова Е.В." <jane at ...12652...> writes:
> Hi, I'm newbie in using Snort. Could you please give me some info
> about how to create several Snort sensors and manage them with ACID.
> (not about ACID, I have already installed it). As I think, I will need
> one server, where MySQl and ACID works and I need info about how make
> Snort on different mashines to send all data to the centralized mysql
Just have all the snort.conf's log as follows:
output database: log, postgresql, user=snort_db_user \
So output from all sensors is going to a central database. You may
need to tweak the database config and permissions in this case, to
allow remote access - I think you do need to with postgresql at least.
What errors are you seeing?
James Riden / j.riden at ...11179... / Systems Security Engineer
Information Technology Services, Massey University, NZ.
GPG public key available at: http://www.massey.ac.nz/~jriden/
More information about the Snort-users