Re: Snort-Prelude Problem

[Ralf Spenneberg <ralf () spenneberg de>]

Hi Joel,

Am Mittwoch, den 18.04.2012, 12:41 -0400 schrieb Joel Esler:
> That being said, prelude support is being removed in the next major version of Snort (2.9.3)
What is the reasoning behind removing the support? Are there any
features added which are not supported by Prelude?

Kind regards,

Ralf

> --
> Joel Esler
> Senior Research Engineer, VRT
> OpenSource Community Manager
> Sourcefire
>
>
> On Apr 18, 2012, at 3:03 AM, Faegheh Majidzadeh wrote:
>
> > Hello, 
> >
> > I have 3 snort IDSs which are installed on vm and ubuntu 10.4 OS. I have to correlate these snorts so I use prelude 
> > as a correlator. I installed snort-2.9.2 on 3 vm through the installation manual 
> > (www.snort.org/assets/158/014-snortinstallguide292.pdf)  but a little changes in configuring snort by . /configure 
> > -enable-prelude. Then I add the snort to the prelude manager and changed in the snort.conf output-alert prelude: 
> > profile snort. I have some problems:
> >
> > 1)  When running snort it shows an error: output-alert prelude: profile snort is not recognized. I doubted if there 
> > is any problem with snort-2.9.2 and prelude.
> > 2) Snort doesn’t show up as an agent in prelude manager.
> >  
> > Is there anyone who experienced installing snort as a prelude sensor?
> > Does snort version cause the problem?
> >  
> > Thanks in advance,
> > F.Majidzadeh
> > ------------------------------------------------------------------------------
> > Better than sec? Nothing is better than sec when it comes to
> > monitoring Big Data applications. Try Boundary one-second 
> > resolution app monitoring today. Free.
> > http://p.sf.net/sfu/Boundary-dev2dev_______________________________________________
> > Snort-users mailing list
> > Snort-users () lists sourceforge net
> > Go to this URL to change user options or unsubscribe:
> > https://lists.sourceforge.net/lists/listinfo/snort-users
> > Snort-users list archive:
> > http://www.geocrawler.com/redir-sf.php3?list=snort-users
> >
> > Please visit http://blog.snort.org to stay current on all the latest Snort news!
>
>
> ------------------------------------------------------------------------------
> Better than sec? Nothing is better than sec when it comes to
> monitoring Big Data applications. Try Boundary one-second 
> resolution app monitoring today. Free.
> http://p.sf.net/sfu/Boundary-dev2dev
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists sourceforge net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>
> Please visit http://blog.snort.org to stay current on all the latest Snort news!




------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!