Snort mailing list archives
Re: Snort installation on openstack
From: "Velusami, Selvi" <selvi.velusami () verizon com>
Date: Fri, 27 May 2016 13:17:15 -0400
Hi, During the virtual image creation, I created an images which contains both centos and snort and tried to installed the same to openstack. The goal is, image should install both centos and snort together. But the operation failed during the snort installation. In openstack, when we create an instance, everything should go together in a single image, so I tried the same. But that is not worked for me. Please provide me the pointers for the same. Thanks, Selvi.V From: Al Lewis (allewi) [mailto:allewi () cisco com] Sent: Friday, May 27, 2016 12:59 PM To: Velusami, Selvi Cc: snort-users () lists sourceforge net Subject: RE: Snort installation on openstack 1) You are not telling snort what configuration file to use (with a -c ). You may want to start reading here: http://manual-snort-org.s3-website-us-east-1.amazonaws.com/node6.html or here http://manual-snort-org.s3-website-us-east-1.amazonaws.com/node3.html If you don't specify a configuration file snort will run as a packet sniffer which is expected behavior. 2) As for the installation of snort on openstack you may want to install Centos there first. THEN install snort afterwards. As I said your issue looks like a problem with the install of CENTOS in openstack and not snort. There is an error in your screenshot which points to openstack/centos issue. See the error: '/dev/mapper/centos-root/' does not exist. Your installation looks like it tanks after that. Albert Lewis QA SNORT/Sourcefire SOURCEfire, Inc. now part of Cisco 9780 Patuxent Woods Drive Columbia, MD 21046 Phone: (office) 443.430.7112 Email: allewi () cisco com<mailto:allewi () cisco com> From: Velusami, Selvi [mailto:selvi.velusami () verizon com] Sent: Friday, May 27, 2016 12:42 PM To: Al Lewis (allewi) Cc: snort-users () lists sourceforge net<mailto:snort-users () lists sourceforge net> Subject: RE: Snort installation on openstack Hi, Please find below the summary of status and the problem statement 1. Snort Installation * Installed centos 7 in a virtual machine * Configured the virtual machine to reach the internet * Downloaded and installed Snort on the virtual machine * Downloaded the snort rules and placed in the required folder. * Sent icmp packets to the snort and issued the command "snort - I <interface> * While running the Snort on a particular interface, it could capture the packets of the icmp message, but getting some warning messages here. "No preprocessors configured" Could see snort is running and it captures the packets but got the message "No preprocessors configured" along with that. Please find below the screenshot. [cid:image001.jpg@01D1B81A.1655FE90] 2. Qcow2 image creation * Now tried to create qcow image from for the snort * Exported the virtual machine to ova file * Using qemu-img, converted the vmdk image to qcow2 image 3. Snort installation on openstack * Created an instance in openstack using the qcow2 image of snort. * During the installation , it went to emergency mode and the installation stopped. Please find below the screenshot. [cid:image002.jpg@01D1B81A.1655FE90] My requirement is, I need to install the snort in open stack and do the configuration for the same. Need pointers or images to install the same on openstack. I really appreciate your help on the same. Thanks, Selvi.V From: Al Lewis (allewi) [mailto:allewi () cisco com] Sent: Friday, May 27, 2016 12:31 PM To: Velusami, Selvi Cc: snort-users () lists sourceforge net<mailto:snort-users () lists sourceforge net> Subject: RE: Snort installation on openstack Hello, Can you be a little more specific and explain what is not working for you? Based on what you are saying you have a problem using your image in openstack and not a snort related issue. Albert Lewis QA SNORT/Sourcefire SOURCEfire, Inc. now part of Cisco 9780 Patuxent Woods Drive Columbia, MD 21046 Phone: (office) 443.430.7112 Email: allewi () cisco com<mailto:allewi () cisco com> From: Velusami, Selvi [mailto:selvi.velusami () verizon com] Sent: Friday, May 27, 2016 11:55 AM To: snort-users () lists sourceforge net<mailto:snort-users () lists sourceforge net> Subject: [Snort-users] Snort installation on openstack Hi, I am new to Snort and I have not used it before. The present requirement for me is I need to create a virtual image for snort and the same needs to be installed on openstack. Should do the configuration on top of itfor further monitoring. At present I tried to install snort on virtual machine on centos and using that tried to create a virtual image and that image is not working for me in openstack. Can anyone please help me on this. Thanks, Selvi.V
------------------------------------------------------------------------------ What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic patterns at an interface-level. Reveals which users, apps, and protocols are consuming the most bandwidth. Provides multi-vendor support for NetFlow, J-Flow, sFlow and other flows. Make informed decisions using capacity planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Snort installation on openstack Velusami, Selvi (May 27)
- Re: Snort installation on openstack Al Lewis (allewi) (May 27)
- Re: Snort installation on openstack Velusami, Selvi (May 27)
- Re: Snort installation on openstack wkitty42 (May 27)
- Re: Snort installation on openstack Velusami, Selvi (May 27)
- Re: Snort installation on openstack wkitty42 (May 27)
- Re: Snort installation on openstack Velusami, Selvi (May 27)
- Re: Snort installation on openstack Velusami, Selvi (May 27)
- Re: Snort installation on openstack Al Lewis (allewi) (May 27)
- Re: Snort installation on openstack Al Lewis (allewi) (May 27)
- Re: Snort installation on openstack Velusami, Selvi (May 27)
- Re: Snort installation on openstack Velusami, Selvi (May 27)
- Re: Snort installation on openstack Diego Parrilla SantamarĂa (May 27)
- Re: Snort installation on openstack Velusami, Selvi (May 27)
- Re: Snort installation on openstack Velusami, Selvi (May 31)
- <Possible follow-ups>
- Snort installation on openstack Velusami, Selvi (May 27)