Snort mailing list archives

Re: Snort-Prelude Problem


From: Joel Esler <jesler () sourcefire com>
Date: Wed, 18 Apr 2012 12:41:54 -0400

You may have typed it wrong (two dashes)

./configure --enable-prelude

That being said, prelude support is being removed in the next major version of Snort (2.9.3)

--
Joel Esler
Senior Research Engineer, VRT
OpenSource Community Manager
Sourcefire


On Apr 18, 2012, at 3:03 AM, Faegheh Majidzadeh wrote:

Hello, 

I have 3 Snort IDSs which are installed on VMs with the Ubuntu 10.4 OS. I have to correlate these Snort instances, so I use
Prelude as a correlator. I installed snort-2.9.2 on the 3 VMs following the installation manual
(www.snort.org/assets/158/014-snortinstallguide292.pdf), but with a small change in configuring Snort: . /configure
-enable-prelude. Then I added Snort to the Prelude manager and changed snort.conf to output-alert prelude:
profile snort. I have some problems:

1)  When running snort it shows an error: output-alert prelude: profile snort is not recognized. I doubted if there 
is any problem with snort-2.9.2 and prelude.
2) Snort doesn’t show up as an agent in prelude manager.
 
Has anyone had experience installing Snort as a Prelude sensor?
Does the Snort version cause the problem?
 
Thanks in advance,
F.Majidzadeh
------------------------------------------------------------------------------
Better than sec? Nothing is better than sec when it comes to
monitoring Big Data applications. Try Boundary one-second 
resolution app monitoring today. Free.
http://p.sf.net/sfu/Boundary-dev2dev
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!

