[Snort-users] BASE and Snorby running together

Jefferson, Shawn Shawn.Jefferson at ...14448...
Wed Feb 22 15:55:59 EST 2012

On the demo, I noticed that Snorby didn't seem to have the same functionality as the "Unique IP Links", and "Unique Alerts" that BASE has?  Maybe I just missed how to view alerts in that way?

From: Dustin Webber [mailto:dustin.webber at ...11827...]
Sent: February 22, 2012 12:41 PM
To: Jan Seidl
Cc: security-onion at ...14071...; snort-users at lists.sourceforge.net
Subject: Re: [Snort-users] BASE and Snorby running together

Just curious.. What are the features that snorby does not have? Last time I checked snorby shadowed BASE in every area and then some.

- Dustin

On Feb 22, 2012, at 3:06 PM, Jan Seidl <lists at ...15522...<mailto:lists at ...391...5522...>> wrote:

Shane, have you tried sguil with squert?
On Feb 22, 2012 3:04 PM, "Castle, Shane" <scastle at ...14946...<mailto:scastle at ...14946...>> wrote:
Virtualization & Cloud Management Using Capacity Planning
Cloud computing makes use of virtualization - but cloud computing
also focuses on allowing computing to be delivered as a service.
Snort-users mailing list
Snort-users at lists.sourceforge.net<mailto:Snort-users at lists.sourceforge.net>
Go to this URL to change user options or unsubscribe:
Snort-users list archive:

Please visit http://blog.snort.org to stay current on all the latest Snort news!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20120222/9f1e26ea/attachment.html>

More information about the Snort-users mailing list