Snort mailing list archives
Re: Snort alerts to SNMP
From: "Roy S. Rapoport" <snort-users () ols inorganic org>
Date: Wed, 21 May 2003 18:26:51 -0700
On Wed, May 21, 2003 at 09:00:52PM -0400, Rafeeq Rehman wrote:
I don't have experience with Nagios but it works very well with HP OpenView (I tested with Network Node Manager). Yes, you can do some trend analysis based upon traps/alerts. However, I don't recommend to merge Snort data with any production network monitoring system. False alarms do occur which may panic operators in production environment.
I'm not sure I understand -- if you're using Snort as an IDS (Intrusion Detection System) shouldn't you be panicing, or at least responding vigorously, in the case of an alarm? -roy ------------------------------------------------------- This SF.net email is sponsored by: ObjectStore. If flattening out C++ or Java code to make your application fit in a relational database is painful, don't do it! Check out ObjectStore. Now part of Progress Software. http://www.objectstore.net/sourceforge _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Snort alerts to SNMP Paul . Fiero (May 21)
- Re: Snort alerts to SNMP Rafeeq Rehman (May 21)
- Re: Snort alerts to SNMP Roy S. Rapoport (May 21)
- Re: Snort alerts to SNMP Rafeeq Rehman (May 21)
- Re: Snort alerts to SNMP Roy S. Rapoport (May 21)
- Re: Snort alerts to SNMP Rafeeq Rehman (May 21)