Snort mailing list archives
Re: Question about Sguil
From: Doug Burks <doug.burks () gmail com>
Date: Fri, 20 Jun 2014 13:31:11 -0400
Hi Matt, Replies inline. On Fri, Jun 20, 2014 at 1:27 PM, Matt Martin <MMartin () jwpepper com> wrote:
Hey Doug, thanks for the reply! Is security Onion required for Sguil, or just recommended?
Security Onion is not required, but it's the quickest and easiest way to get Sguil up and running.
Because I have Snort already installed on a Dell Poweredge Server (*2950 I think is the model...), with 6 HDDs in a RAID5 Array and 8 Intel Xeon cores, . This server was previously used for other purposes, but since most of our Servers have gone virtual we had a few servers lying around for me to choose from to install Snort on. From what I read Security Onion it is a OS/Linux Distro in it of itself, based on RedHat.
Yes, Security Onion is a complete Linux distro, but it is based on Ubuntu 12.04.
And it comes with Snort, Barnyard2, etc already pre-installed... Is that correct?
Yes, Security Onion includes Snort, Barnyard2, etc. already pre-installed.
While I was writing this I was speaking with my manager and we ARE going to give it a try. We are going to use one of old email servers (*Dell something...) and we're going to install Security Onion and give it a go... Sounds promising!
Excellent, thanks! If you have any questions or problems regarding Security Onion, please use our security-onion mailing list: https://code.google.com/p/security-onion/wiki/MailingLists Thanks, Doug ------------------------------------------------------------------------------ HPCC Systems Open Source Big Data Platform from LexisNexis Risk Solutions Find What Matters Most in Your Big Data with HPCC Systems Open Source. Fast. Scalable. Simple. Ideal for Dirty Data. Leverages Graph Analysis for Fast Processing & Easy Data Exploration http://p.sf.net/sfu/hpccsystems _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Question about Sguil Matt Martin (Jun 20)
- Re: Question about Sguil Doug Burks (Jun 20)
- Re: Question about Sguil Matt Martin (Jun 20)
- Re: Question about Sguil Doug Burks (Jun 20)
- Re: Question about Sguil Matt Martin (Jun 20)
- Re: Question about Sguil Jeremy Hoel (Jun 20)
- Re: Question about Sguil Matt Martin (Jun 20)
- Re: Question about Sguil Doug Burks (Jun 20)
- Re: Question about Sguil Jeremy Hoel (Jun 20)
- Re: Question about Sguil Matt Martin (Jun 20)
- Re: Question about Sguil Jaime Nebrera (Jun 20)
- Re: Question about Sguil Matt Martin (Jun 20)
- Re: Question about Sguil Jaime Nebrera (Jun 20)
- Re: Question about Sguil Matt Martin (Jun 20)
- Re: Question about Sguil Jaime Nebrera (Jun 20)
- Re: Question about Sguil Matt Martin (Jun 20)
- Re: Question about Sguil Matt Martin (Jun 20)
- Re: Question about Sguil Doug Burks (Jun 20)