Snort mailing list archives
Re: Analyzing Snort Alerts and EMailing
From: "Matt M." <mr10001 () gmail com>
Date: Wed, 3 Sep 2014 13:11:18 -0500
I apologize for my ignorance here... trying to get everything straight in my head. I would like to try to set up Snorby to begin with, which requires a few prereqs (snort, git, ruby, sagan, etc.). Not too worried about those. However, I will also need to install a database and/or a web server, correct? Does Barnyard play into this at all?

So to sum it all up, I would have to install the following to have Snorby up and running (minus the custom configurations):

1. Snort
2. Sagan
3. GIT
4. Ruby
5. Rails
6. ImageMagick
7. Wkhtmltopdf
8. Web Server (Apache?)
9. Database (PostgreSQL?)

Thanks again!

On Wed, Sep 3, 2014 at 12:57 PM, Weir, Jason <jason.weir () nhrs org> wrote:
From the article “It hasn't been actively developed since about 2003”

It’s a little dated – but will do what you asked for..

-J

From: Matt M. [mailto:mr10001 () gmail com]
Sent: Wednesday, September 03, 2014 1:47 PM
To: Weir, Jason
Cc: snort-users
Subject: Re: [Snort-users] Analyzing Snort Alerts and EMailing

Nice, thanks man, I just found this article...

http://blog.snort.org/2011/01/guis-for-snort.html

This was from 2011, hopefully it's not out of date... =/

On Wed, Sep 3, 2014 at 12:45 PM, Weir, Jason <jason.weir () nhrs org> wrote:

Base (http://base.professionallyevil.com/) – Sure - it’s old, outdated and hasn’t been updated in quite a while but still works.

From: Matt M. [mailto:mr10001 () gmail com]
Sent: Wednesday, September 03, 2014 1:36 PM
To: snort-users
Subject: [Snort-users] Analyzing Snort Alerts and EMailing

Hello All,

I was wondering if anyone might be willing to recommend a good GUI tool for interacting with snort alerts and a process for having alerts automatically emailed? At the moment I'm looking at ACID and I'm curious if this is my best bet. I would prefer to use a database over a script. I'm using OSX as well, so any tips would be greatly appreciated.

Thank you,

--
M., CISSP, GCFE, GCFA
“To disagree leads to study, to study leads to understanding, to understand is to appreciate, to appreciate is to love. So maybe I’ll end up loving your theory.” -John Wheeler

--
Matt M., CISSP, GCFE, GCFA
“To disagree leads to study, to study leads to understanding, to understand is to appreciate, to appreciate is to love. So maybe I’ll end up loving your theory.” -John Wheeler
--
Matt M., CISSP, GCFE, GCFA
“To disagree leads to study, to study leads to understanding, to understand is to appreciate, to appreciate is to love. So maybe I’ll end up loving your theory.” -John Wheeler