[Snort-users] Centrally monitoring

Justin ginsbergj at ...11827...
Fri Oct 19 11:33:02 EDT 2012


Hopefully I am not speaking out of turn, but you can install Security Onion
in Snort Mode. This will allow you to run multiple distributed sensors, and
a centralized monitoring server that holds the MySQL database and logs. I am
of course still learning, but I have been running it for a few months, with
2 sensors and one monitoring server. Works like a champ. Uses Snorby, Sguil
and Squert as front ends. Great way to compile and correlate a lot of info
to a central location.

Cheers,
Justin

-----Original Message-----
From: James Lay [mailto:jlay at ...13475...] 
Sent: Friday, October 19, 2012 10:21 AM
To: snort-users at lists.sourceforge.net
Subject: Re: [Snort-users] Centrally monitoring

On 2012-10-19 07:44, Akinwale Fasuru wrote:
> Hello fellows,
>
> I am trying to see if it is possible to centrally monitor sensors
> running on linux and windows?


Two words.....tail, syslog :)

James
