Snort mailing list archives
Re: Analyzing Snort Alerts and EMailing
From: "Matt M." <mr10001 () gmail com>
Date: Wed, 3 Sep 2014 12:51:56 -0500
Snorby looks nice! I'm also in the process of setting up a securityonion box, but that's not on OSX. Good stuff, off to read up some more. Thank you

On Wed, Sep 3, 2014 at 12:49 PM, Doug Burks <doug.burks () gmail com> wrote:
> Hi Matt,
>
> Replies inline.
>
> On Wed, Sep 3, 2014 at 1:35 PM, Matt M. <mr10001 () gmail com> wrote:
>> Hello All,
>>
>> I was wondering if anyone might be willing to recommend a good GUI tool for
>> interacting with snort alerts
>
> Have you looked at Sguil and/or Snorby?
> http://blog.securityonion.net/p/securityonion.html
>
>> and a process for having alerts automatically emailed?
>
> Please see:
> https://code.google.com/p/security-onion/wiki/Email
>
>> At the moment I'm looking at ACID and I'm curious if this is my best bet. I
>> would prefer to use a database over a script. I'm using OSX as well, so any
>> tips would be greatly appreciated.
>>
>> Thank you,
>> --
>> M., CISSP, GCFE, GCFA
>> “To disagree leads to study, to study leads to understanding, to understand
>> is to appreciate, to appreciate is to love. So maybe I’ll end up loving your
>> theory.” -John Wheeler
>
> --
> Doug Burks
> Need Security Onion Training or Commercial Support?
> http://securityonionsolutions.com
--
Matt M., CISSP, GCFE, GCFA
“To disagree leads to study, to study leads to understanding, to understand is to appreciate, to appreciate is to love. So maybe I’ll end up loving your theory.” -John Wheeler
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users
Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Analyzing Snort Alerts and EMailing Matt M. (Sep 03)
- Re: Analyzing Snort Alerts and EMailing Weir, Jason (Sep 03)
- Re: Analyzing Snort Alerts and EMailing Matt M. (Sep 03)
- Re: Analyzing Snort Alerts and EMailing Weir, Jason (Sep 03)
- Re: Analyzing Snort Alerts and EMailing Matt M. (Sep 03)
- Re: Analyzing Snort Alerts and EMailing Jeremy Hoel (Sep 03)
- Re: Analyzing Snort Alerts and EMailing Sharif Uddin (Sep 04)
- Re: Analyzing Snort Alerts and EMailing Matt M. (Sep 04)
- Re: Analyzing Snort Alerts and EMailing Da Beave (Sep 05)
- Re: Analyzing Snort Alerts and EMailing Matt M. (Sep 03)
- Re: Analyzing Snort Alerts and EMailing Weir, Jason (Sep 03)
- Re: Analyzing Snort Alerts and EMailing Matt M. (Sep 03)