[Snort-users] SIEM

Sharif Uddin Sharif.Uddin at ...17113...
Wed Mar 11 06:43:08 EDT 2015


Hello


I would like to know if I can use snort + snorby + barnyard2 to achieve something simialir to http://www.solarwinds.com/log-event-manager.aspx

My ideal goal is to monitor what users are doing in the domain, specifically access/modiy files/folders on network on linux shares. Also the usual vpn connection active sync, logins, unusual activity etc.




Sharif Uddin
Development/Support Engineer
-------------------

Spectrum Geo Ltd
Dukes Court, Duke Street
Woking, Surrey
GU21 5BH
UNITED KINGDOM

Tel: +44 (0) 1483 730201
Fax: +44 (0) 1483 762620

www.spectrumasa.com<http://www.spectrumasa.com/>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20150311/640fd456/attachment.html>


More information about the Snort-users mailing list