Snort mailing list archives
Snort->OSSIM Sensor only, unified2?
From: "Dewhirst, Rob" <robdewhirst () gmail com>
Date: Wed, 11 Jan 2012 11:01:30 -0600
Can anyone share any documentation they have for getting a snort sensor (only a sensor) pushing unified2 logs to a remote OSSIM console? I found some fragments of instructions on the alienware forums and I got the ossim-agent up and running on the sensor and connecting back to the OSSIM server, but it's not sending any events. (and I know events are occuring because I send them to another snorby server). ------------------------------------------------------------------------------ Ridiculously easy VDI. With Citrix VDI-in-a-Box, you don't need a complex infrastructure or vast IT resources to deliver seamless, secure access to virtual desktops. With this all-in-one solution, easily deploy virtual desktops for less than the cost of PCs and save 60% on VDI infrastructure costs. Try it free! http://p.sf.net/sfu/Citrix-VDIinabox _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Snort->OSSIM Sensor only, unified2? Dewhirst, Rob (Jan 11)
- Re: Snort->OSSIM Sensor only, unified2? Tudor Panaitescu (Jan 11)
- Re: Snort->OSSIM Sensor only, unified2? Dewhirst, Rob (Jan 11)
- Re: Snort->OSSIM Sensor only, unified2? Tudor Panaitescu (Jan 11)
- Re: Snort->OSSIM Sensor only, unified2? Dewhirst, Rob (Jan 11)
- Re: Snort->OSSIM Sensor only, unified2? Tudor Panaitescu (Jan 11)