[Snort-users] Barnyard2

Mike Michalak mike at ...17066...
Mon Jan 19 02:33:30 EST 2015


Thank you for the update.

What are your thoughts on Snorby?

Regards,

Mike Michalak
M +219.921.9619
O +708.320.8643
Trail 9 | trail9.com




On Mon, Jan 19, 2015 at 8:22 AM, Jeremy Hoel <jthoel at ...11827...> wrote:

> To use most web based tools you need to send the data from unified2 to a
> mysql... you use barnyard2 for that.  If you want to use cli you can use
> some tools to explore unified2 files, or you can use a SIEM tool that can
> get the data via syslog or something.  You could also use sguil and it has
> a whole other set of tools.
>
> So really, it depends on how you want to view your data.
>
> You might check out Security Onion as it has a few of these and can give
> you some options.
>
> On Sat, Jan 17, 2015 at 1:30 AM, Mike Michalak <mike at ...17066...> wrote:
>
>> Ah ok, that is a good question.  I'm not quite sure, any suggestions?
>>
>> Regards,
>>
>> Mike Michalak
>> M +219.921.9619
>> O +708.320.8643
>> Trail 9 | trail9.com
>>
>>
>>
>>
>> On Fri, Jan 16, 2015 at 6:21 PM, Shirkdog <shirkdog at ...11827...> wrote:
>>
>>> How do you plan on viewing alert data?
>>>
>>> Once you answer that question, you can look at how barnyard2 will help
>>> you.
>>>
>>> ---
>>> Michael Shirk
>>>
>>>
>>> On Fri, Jan 16, 2015 at 9:29 AM, Mike Michalak <mike at ...17066...> wrote:
>>> >
>>> > I have installed Snort and I am in the testing phase.
>>> >
>>> > What are your thoughts on using Barnyard2 with snort?  Is it worth it or not
>>> > needed.
>>> >
>>> > I am running snort on a CentOS 6.5 box.
>>> >
>>> > Regards,
>>> >
>>> > Mike
>>> >
>>> >
>>> >
>>> >
>>> > _______________________________________________
>>> > Snort-users mailing list
>>> > Snort-users at lists.sourceforge.net
>>> > Go to this URL to change user options or unsubscribe:
>>> > https://lists.sourceforge.net/lists/listinfo/snort-users
>>> > Snort-users list archive:
>>> > http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users
>>> >
>>> > Please visit http://blog.snort.org to stay current on all the latest Snort
>>> > news!
>>>
>>
>>
>>
>>
>
>