[Snort-users] @snort log
wkitty42 at ...14940...
Sat Jul 6 09:36:15 EDT 2013
On 7/6/2013 07:52, anagha b wrote:
> Hi all
> Got snort running but every time I start snort I have to set library path for
> I am getting file snort.u2.1373105384 format in /var/log/snort.
> How to read these files?

U2 files are a combination log format... you must use a tool like barnyard to
break them apart and place them into a database... then you use tools to read
the database for correlation of the events...

> I searched on net but not getting.
> I want to see snort log, should I go for snorby for viewing it?
> Please provide link to use GUI with snort.

[pedantic] you are not looking for a GUI strictly for snort. that implies a GUI
that only controls snort, snort's configs and possibly the rules files...[/pedantic]
it sounds like you are instead looking for a GUI to interface to the alert
database... snorby is one of numerous such tools... you might want to look at
security onion which contains several GUI interfaces so you can choose which
one(s) you want or need to use... each has its good points and bad points...
some are hard to configure but offer a huge range of capabilities while others
are easy to configure but offer a limited set of abilities...
NOTE: i have not looked at security onion and do not use it at this time...
NOTE: No off-list assistance is given without prior approval.
Please keep mailing list traffic on the list unless
private contact is specifically requested and granted.
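
What "combination log format" means in practice, as an added example that is not part of the original post: a unified2 file is a run of records, each with a big-endian type and length header, mixing event records with the packets that triggered them. The type numbers and the legacy IPv4 event layout follow Snort 2.9's Unified2_common.h; the sample bytes, addresses and SID are constructed, and make_record is a helper invented here.

```python
import io
import socket
import struct

# Record types and layouts per Snort 2.9's Unified2_common.h; all fields big-endian.
U2_PACKET, U2_IDS_EVENT = 2, 7
EVENT_FMT = ">9I4s4sHH4B"  # legacy IPv4 event body, 52 bytes
EVENT_LEN = struct.calcsize(EVENT_FMT)

def read_records(stream):
    """Yield (type, body) per complete record; stop at a short read."""
    while True:
        header = stream.read(8)
        if len(header) < 8:
            return
        rtype, length = struct.unpack(">II", header)
        body = stream.read(length)
        if len(body) < length:  # partial tail, e.g. file still being written
            return
        yield rtype, body

def decode_event(body):
    f = struct.unpack(EVENT_FMT, body[:EVENT_LEN])
    return {"event_id": f[1], "seconds": f[2], "sid": f[4], "gid": f[5], "rev": f[6],
            "priority": f[8], "src": socket.inet_ntoa(f[9]), "dst": socket.inet_ntoa(f[10]),
            "sport": f[11], "dport": f[12], "proto": f[13]}

def summarize(stream):
    events, packets, other = [], 0, 0
    for rtype, body in read_records(stream):
        if rtype == U2_IDS_EVENT and len(body) >= EVENT_LEN:
            events.append(decode_event(body))
        elif rtype == U2_PACKET:
            packets += 1
        else:
            other += 1
    return events, packets, other

def make_record(rtype, body):
    return struct.pack(">II", rtype, len(body)) + body

# Constructed sample: one event, its packet record, then a truncated record.
SAMPLE = (
    make_record(U2_IDS_EVENT, struct.pack(EVENT_FMT, 0, 1, 1373105384, 0, 1000001, 1, 1, 0, 2,
        socket.inet_aton("192.0.2.10"), socket.inet_aton("198.51.100.5"), 49152, 80, 6, 0, 0, 0))
    + make_record(U2_PACKET, struct.pack(">7I", 0, 1, 1373105384, 1373105384, 0, 1, 4) + b"\x00" * 4)
    + struct.pack(">II", U2_IDS_EVENT, EVENT_LEN) + b"\x00" * 10)

if __name__ == "__main__":
    print(summarize(io.BytesIO(SAMPLE)))
```

Snort 2.9 also ships u2spewfoo, which dumps a unified2 file as text for a quick look without a database.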