Snort mailing list archives
Re: BASE or Snort Report ???
From: "Jefferson, Shawn" <Shawn.Jefferson () bcferries com>
Date: Tue, 4 Jan 2011 14:39:58 -0700
What I'm doing is sending Snort alerts to syslog as well. And then syslog is being sent to my SIEM (RSA Envision). The SIEM can send email based on various criteria.

Also, OSSEC can be installed on your Snort machine and it understands Snort alerts, and you can configure it to alert on whatever you wish.

Most of the time though, I just check BASE.

________________________________________
From: Garland, Ken R [mailto:garlandkr () gmail com]
Sent: Tuesday, January 04, 2011 1:02 PM
To: snort-users () lists sourceforge net
Subject: Re: [Snort-users] BASE or Snort Report ???

Use something else for notification purposes like sec.pl or other notification/monitoring tools. Snorby/BASE are not really meant for that, they are, for lack of a better term, data mining tools.

Sure you can see a live view in Snorby but if you want to get that close to the metal would you really put yourself in front of a GUI web app with potential delay?

<snip>