Snort mailing list archives
Re: Recommended NFS configuration to store snort logs
From: waldo kitty <wkitty42 () windstream net>
Date: Fri, 24 Sep 2010 18:00:20 -0400
On 9/24/2010 13:50, carlopmart wrote:
Castle, Shane wrote:I'm sorry; I can't recommend using NFS for anything, much less real-time writing of high-output logs. -- Shane Castle Data Security Mgr, Boulder County IT GSEC GCIHOK, then what type of storage is recommended to centralize all logs?? iSCSI??
syslog to a central syslog server for text logs... other's use sql databases and feed them via IP sockets... it all depends on your needs and usage, really... in my environment, we don't use any logs or databases other than snort's standard alert file... then again, we're not aggregating numerous sniffers in the product i'm working with ;) ------------------------------------------------------------------------------ Start uncovering the many advantages of virtual appliances and start using them to simplify application deployment and accelerate your shift to cloud computing. http://p.sf.net/sfu/novell-sfdev2dev _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Recommended NFS configuration to store snort logs carlopmart (Sep 23)
- Re: Recommended NFS configuration to store snort logs carlopmart (Sep 24)
- Re: Recommended NFS configuration to store snort logs Castle, Shane (Sep 24)
- Re: Recommended NFS configuration to store snort logs carlopmart (Sep 24)
- Re: Recommended NFS configuration to store snort logs waldo kitty (Sep 24)
- Re: Recommended NFS configuration to store snort logs Joe Pampel (Sep 24)
- Re: Recommended NFS configuration to store snort logs Castle, Shane (Sep 24)
- Re: Recommended NFS configuration to store snort logs carlopmart (Sep 24)