Snort mailing list archives
Re: snort web interface
From: Paul Halliday <paul.halliday () gmail com>
Date: Wed, 24 Aug 2011 08:02:05 -0300
On Tue, Aug 23, 2011 at 10:03 PM, Jason Meller <jason.meller () gmail com> wrote:
> Alexus,
> ...
> Squert is a bad ass project in active development. One thing James didn't mention though is that it requires SGUIL which utilizes an entirely different DB schema than the ones provided by the snort/barnyard2 db output plugins. SGUIL requires a bit more expertise to get up and running than your standard Snort + front-end solution. If you want to go that route Squert is a good SGUIL companion.

Just to expand on this a little: Squert wasn't designed to be an analyst console (in the typical sense of the term). If you are a dedicated analyst or part of a team of analysts doing weighted FIFO analysis then Squert is definitely not for you.

Squert was created and is being developed to provide an easy way to look at a whole bunch of data with different views that will hopefully (ultimately) give you a hint of developing and ongoing problems; at a glance. More simply though, it is for people that have been tasked with security, that aren't really good at security, and only get to spend 20% of their day on security :)

Thanks.

--
Paul Halliday
http://www.squertproject.org/