[Snort-users] How to configure snort service to send snmp alerts?

Ted Kaczmarek tedkaz at ...549...
Tue Mar 1 04:45:48 EST 2005


On Wed, 2005-02-23 at 12:08 +0100, Jose Maria Lopez Hernandez wrote:
> El mié, 23-02-2005 a las 11:48 +0200, Juan Fernandez escribió:
> >  
> >  
> > Hi,
> >  
> >  I want to configure the sensors to send a snmp trap when snort
> > service goes down.
> >  
> > or send to me an Email
> >  
> > Is it possible to to that?
> >  
> >  
> > thanks very much.
> 
> If you just want an email to be sent you can use
> Nagios to monitor the process and send you a email when
> the process it's not running.
> 
> But if you need SNMP then you have to configure a
> SNMP agent in the machine and some kind of script
> that checks the running process or the logs and
> tell the agent to send a SNMP trap when it detects
> the snort process death.
> 
> Regards.
> 
With OpenNMS I just create a poller to check it via the 
ucdavis.procTable. This is not snort specific and can be used to monitor
anything.
On a service down event you can trigger any action you like, email, sms,
pager shell script etc.

Ted






More information about the Snort-users mailing list