Snort mailing list archives

Re: Centrally monitoring

From: "Justin" <ginsbergj () gmail com>
Date: Fri, 19 Oct 2012 11:33:02 -0400

Hopefully I am not speaking out of turn, but you can install security Onion
in Snort Mode. This will allow you to run multiple distributed sensors, and
centralized monitoring server that holds the MySQL database and logs. I am
of course still learning, but I have been running it for a few months, with
2 sensors and one Monitoring server. Works like a champ. Users Snorby, Sguil
and sqwert as front ends. Great way to compile and correlate a lot of info
to a central location.

Cheers,
Justin

-----Original Message-----
From: James Lay [mailto:jlay () slave-tothe-box net] 
Sent: Friday, October 19, 2012 10:21 AM
To: snort-users () lists sourceforge net
Subject: Re: [Snort-users] Centrally monitoring

On 2012-10-19 07:44, Akinwale Fasuru wrote:

Hello fellows,

I am tring to see if it is possible to centrally monitor sensors 
running on linux and windows?



----------------------------------------------------------------------
-------- Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics Download AppDynamics Lite 
for free today:
http://p.sf.net/sfu/appdyn_sfd2d_oct
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest 
Snort news!



Two words.....tail, syslog :)

James

----------------------------------------------------------------------------
--
Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics Download AppDynamics Lite for
free today:
http://p.sf.net/sfu/appdyn_sfd2d_oct
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort
news!


------------------------------------------------------------------------------
Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:
http://p.sf.net/sfu/appdyn_sfd2d_oct
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!

Current thread:

Centrally monitoring Akinwale Fasuru (Oct 19)
- Re: Centrally monitoring K Vijaya Sai Prasanth (Oct 19)
- Re: Centrally monitoring James Lay (Oct 19)
  - Re: Centrally monitoring Justin (Oct 19)
- <Possible follow-ups>
- Re: Centrally monitoring Jaime Nebrera (Oct 19)