Re: BASE and Snorby running together

[JJC <cummingsj () gmail com>]

The only thing that you can do is try, I know that this has been done
before but I don't know how well the delete etc.. worked... I know that it
displayed the data as expected though.

JJC

On Wed, Feb 22, 2012 at 10:03 AM, Castle, Shane
<scastle () bouldercounty org>wrote:

> I'd like to try running BASE and Snorby (using Security Onion platform)
> together against the same database. I'm thinking that I only have to add
> the database tables peculiar to BASE:
> acid_ag
> acid_ag_alert
> acid_event
> acid_ip_cache
> base_roles
> base_users
>
> I realize this is probably simplistic and there could be issues, such as
> deleting alerts in BASE will probably not delete all the alert data in all
> the tables. If anyone has done this dual setup successfully and has
> warnings or errors to avoid I'd like to know.
>
> I might have to modify the BASE code to run successfully this way. Please,
> no evangelizing of Snorby over BASE; I just like a lot of the features
> available in BASE that are not there in Snorby (or if they are I can't seem
> to find them). OTOH there are a lot of BASE issues that drive me nuts and
> make me wish for an active support group.
>
> And yes, I know this is probably a lost cause. I'd like to try anyway.
>
> --
> Shane Castle
> Data Security Mgr, Boulder County IT
> CISSP GSEC GCIH
>
>
>
> ------------------------------------------------------------------------------
> Virtualization & Cloud Management Using Capacity Planning
> Cloud computing makes use of virtualization - but cloud computing
> also focuses on allowing computing to be delivered as a service.
> http://www.accelacomm.com/jaw/sfnl/114/51521223/
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists sourceforge net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>
> Please visit http://blog.snort.org to stay current on all the latest
> Snort news!
------------------------------------------------------------------------------
Virtualization & Cloud Management Using Capacity Planning
Cloud computing makes use of virtualization - but cloud computing 
also focuses on allowing computing to be delivered as a service.
http://www.accelacomm.com/jaw/sfnl/114/51521223/

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!