Re: Snort Reporting and logs

[Joel Esler <jesler () sourcefire com>]

I might suggest pulledpork.  It makes life a bit easier by handling a lot of
the leg work for you (moving files around), plus, it handles shared object
rules.

Joel

On Thu, Jan 13, 2011 at 9:35 AM, Atkins, Dwane P <ATKINSD () uthscsa edu>wrote:

> Good day all.
>
>
>
> It was a typo that caused the issue on one device.
>
>
>
> Thank you all.
>
>
>
> My next goal is to upgrade rules via oinkmaster automatically.
>
>
>
> Dwane
>
>
>
> *From:* Marcos Rodriguez [mailto:marcos.e.rodriguez () gmail com]
> *Sent:* Thursday, January 13, 2011 8:16 AM
> *To:* Joel Esler
> *Cc:* Atkins, Dwane P; snort-users () lists sourceforge net
>
> *Subject:* Re: [Snort-users] Snort Reporting and logs
>
>
>
>
>
> Hi Dwane,
>
> If the snort.conf cannot find the reference.config file as specified in
> snort.conf, then Snort will issue a fatal error and terminate.  You may have
> missed that as you tried to daemonize the Snorty.  I mostly use Splunk and a
> Defense Center, so I have no advice for the other management tools.  Many
> laud Sguil, Snorby, and other tools as top-notch for sensor management.
> Check those out and see if they fit your needs.


-- 
Joel Esler
Skype:eslerjoel
http://blog.snort.org

------------------------------------------------------------------------------
Protect Your Site and Customers from Malware Attacks
Learn about various malware tactics and how to avoid them. Understand 
malware threats, the impact they can have on your business, and how you 
can protect your company and customers by using code signing.
http://p.sf.net/sfu/oracle-sfdevnl

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users