[Snort-users] Snort to monitor several servers
dominik_schmid at ...1171...
Mon Dec 5 12:56:03 EST 2005
If you want an application to controll the alerts for all those servers,
take a look at snortfocus - snortfocus.org.
It's a mysql extension of the snort database.
With the php-gui, you can join servers to user groups which can control
the alerts and set filters.
> Wouldn't a possible solution be to install Snort on each server then
> have them all report to a central database?
> From your wording, it almost sounds like you're trying to provide
> protection to individual servers using a NIDS installed on each
> system. You may be better off using a HIDS like Samhain to provide
> individual system protection with NIDS at a few network choke-points,
> and centralize all of the logging using something like Prelude.
> - Ramon
> Jacob Friis Saxberg wrote:
>> Is it possible to have a Nagios like setup of Snort?
>> We have several servers that all need Snort.
>> How could we solve this in an intelligent way?
> This SF.net email is sponsored by: Splunk Inc. Do you grep through log
> for problems? Stop! Download the new AJAX search engine that makes
> searching your log files as easy as surfing the web. DOWNLOAD SPLUNK!
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> Snort-users list archive:
More information about the Snort-users