Educause Security Discussion mailing list archives

Re: anyone using OSSIM....


From: Russ Harvey <russ-harvey () UCR EDU>
Date: Tue, 16 Mar 2010 08:24:53 -0700

I installed OSSIM 1.0.4 in 2008, and while pretty, the documentation was
impenetrable. Though I haven't put up 2.2 yet, there is a brief Linux
Journal article
(http://www.linuxjournal.com/magazine/alienvault-future-security-information-management)
that looks like a possible starting point.

--russ

On Tue, Mar 16, 2010 at 06:20:40PM +1300, Russell Fulton wrote:
We have just set up a default install of OSSIM and first impressions are favourable -- what seems to be lacking is 
decent documentation -- presumably you get this when you buy the commercial version.

Does anyone have any notes/experience in using OSSIM with several different snort sensors that run different rule 
sets and need to be treated separately?

Or even for getting snort data in from sensors on other machines...

R
