Snort mailing list archives
Snort and using IDS app with splunk
From: Josh Bitto <jbitto () onlineschool ca>
Date: Mon, 6 May 2013 13:56:25 -0700
Hello all. I was wondering if anyone uses Splunk and has a similar setup to what I'm trying to accomplish. We are using Snort on our pfSense firewall and having the logs sent to our main log server (Splunk). With that being said, I have been looking at features that Splunk offers, and one of them is an IDS reference app that can pull information from rule sets. I think for the most part it's just a searchable reference for rules that may fire. Has anyone used this or had experience with it? I'm wondering if it's worth the time to implement.
Current thread:
- Snort and using IDS app with splunk Josh Bitto (May 06)
- Re: Snort and using IDS app with splunk Greg Williams (May 06)