Snort mailing list archives

Snort and using IDS app with splunk


From: Josh Bitto <jbitto () onlineschool ca>
Date: Mon, 6 May 2013 13:56:25 -0700

Hello all... I was wondering if anyone uses Splunk and has a similar setup to what I'm trying to accomplish.

We are using Snort on our pfSense firewall and having the logs sent to our main log server (Splunk). With that being
said, I have been looking at features that Splunk offers, and one of them is an IDS reference app that can pull
information from rule sets. I think for the most part it's just a searchable reference for rules that may fire. Has
anyone used this or had experience with it?

I'm wondering if it's worth the time to implement.
