[Snort-users] How to handle multiple snort sensors

Robert Millott robm at ...16885...
Fri Aug 1 10:53:43 EDT 2014


All
   I am setting up about 35 snort sensors across our network, all feeding
back into a SEIM (arcsight).  I was curious, how does anyone else out there
handle multiple sensors?  I am looking for a way to quickly (and centrally)
view snort.conf, threshold.conf, bpf filters, rules enabled or disabled etc
without having to ssh into each individual host.  I know pulled pork will
handle pulling rules, but I am looking around to see if any one has a means
of managing many sensors.

Thanx

-- 
Robert Millott
President, Millott and Associates
(443) 255-3588
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20140801/bfb495a5/attachment.html>


More information about the Snort-users mailing list