Snort mailing list archives
Re: Snort-Prelude Problem
From: Ralf Spenneberg <ralf () spenneberg de>
Date: Fri, 11 May 2012 11:26:08 +0200
Hi Joel, Am Mittwoch, den 18.04.2012, 12:41 -0400 schrieb Joel Esler:
That being said, prelude support is being removed in the next major version of Snort (2.9.3)
What is the reasoning behind removing the support? Are there any features added which are not supported by Prelude? Kind regards, Ralf
-- Joel Esler Senior Research Engineer, VRT OpenSource Community Manager Sourcefire On Apr 18, 2012, at 3:03 AM, Faegheh Majidzadeh wrote:Hello, I have 3 snort IDSs which are installed on vm and ubuntu 10.4 OS. I have to correlate these snorts so I use prelude as a correlator. I installed snort-2.9.2 on 3 vm through the installation manual (www.snort.org/assets/158/014-snortinstallguide292.pdf) but a little changes in configuring snort by . /configure -enable-prelude. Then I add the snort to the prelude manager and changed in the snort.conf output-alert prelude: profile snort. I have some problems: 1) When running snort it shows an error: output-alert prelude: profile snort is not recognized. I doubted if there is any problem with snort-2.9.2 and prelude. 2) Snort doesn’t show up as an agent in prelude manager. Is there anyone who experienced installing snort as a prelude sensor? Does snort version cause the problem? Thanks in advance, F.Majidzadeh ------------------------------------------------------------------------------ Better than sec? Nothing is better than sec when it comes to monitoring Big Data applications. Try Boundary one-second resolution app monitoring today. Free. http://p.sf.net/sfu/Boundary-dev2dev_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!------------------------------------------------------------------------------ Better than sec? Nothing is better than sec when it comes to monitoring Big Data applications. Try Boundary one-second resolution app monitoring today. Free. http://p.sf.net/sfu/Boundary-dev2dev _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Snort-Prelude Problem Faegheh Majidzadeh (Apr 18)
- Re: Snort-Prelude Problem Joel Esler (Apr 18)
- Re: Snort-Prelude Problem Ralf Spenneberg (May 11)
- Message not available
- Re: Snort-Prelude Problem Joel Esler (May 11)
- Re: Snort-Prelude Problem Joel Esler (Apr 18)