IDS mailing list archives
Re: dragon and snort logs
From: Brian <bmc () snort org>
Date: Tue, 13 May 2003 01:20:06 -0400
On Mon, May 12, 2003 at 07:54:01PM -0400, David Markle wrote:
Send the snort alerts via syslog to a remote host. Then scoop up the remote snort syslog into Dragon HIDS, then onto the console. It works real well. If you need details, let me know and I'll put something together for you.
It is a fairly common occurrence for Enterasys customers to use snort. So common that Enterasys distributes utilities to convert snort signatures into a policy lib file so you can use their HIDS to monitor snort log files. Ask your Enterasys support person for help if you can't figure out their tools. -brian ------------------------------------------------------------------------------- INTRUSION PREVENTION: READY FOR PRIME TIME? IntruShield now offers unprecedented Intrusion IntelligenceTM capabilities - including intrusion identification, relevancy, direction, impact and analysis - enabling a path to prevention. Download the latest white paper "Intrusion Prevention: Myths, Challenges, and Requirements" at: http://www.securityfocus.com/IntruVert-focus-ids2 -------------------------------------------------------------------------------
Current thread:
- dragon and snort logs Jochen Vogel (May 12)
- RE: dragon and snort logs David Markle (May 12)
- Re: dragon and snort logs Brian (May 14)
- <Possible follow-ups>
- RE: dragon and snort logs Golomb, Gary (May 14)
- RE: dragon and snort logs David Markle (May 12)