Snort mailing list archives
Re: Pigsty - A Barnyard2 Replacement by Threat Stack
From: Steven McLaughlin <steve () Lan com au>
Date: Tue, 4 Jun 2013 18:34:30 +1000
'No, they can read from the same files without conflict.'

Q: What if by2 is set to archive processed files? Both would be at separate bookmark locations, would they not? Meaning that if by2, for example, archived a .u2 after processing and pigsty was a few ticks behind, it could miss a few?

On 4 June 2013 09:22, Dustin Webber <dustin.webber () gmail com> wrote:

> No, they can read from the same files without conflict.
>
> *Dustin Willis Webber*
>
> On Mon, Jun 3, 2013 at 6:56 PM, Jeremy Hoel <jthoel () gmail com> wrote:
>
>> And just to clarify a bit.. if someone did want to run BY2 and pigsty, the snort would need to output two unified2 files, so each could process their own without interfering with each other?
>>
>> On Mon, Jun 3, 2013 at 10:31 PM, Dustin Webber <dustin.webber () gmail com> wrote:
>>
>>> James,
>>>
>>> Good question - we are currently working on a Sguil plugin. You will just need to replace barnyard 2. We will also be releasing static versions of pigsty so you don't have to install nodejs or any dependencies for that matter.
>>>
>>> We will not make this the standard for Snorby until all plugins are completed. We open sourced it early to get people interested in writing plugins for it and porting over the output methods people are interested in.
>>>
>>> I'll post here again when the move to Pigsty and all output plugins are 100% completed.
>>>
>>> Dustin
>>>
>>> Dustin Willis Webber
>>>
>>> On Mon, Jun 3, 2013 at 6:19 PM, James Lay <jlay () slave-tothe-box net> wrote:
>>>
>>>> On 2013-06-03 14:59, Dustin Webber wrote:
>>>>
>>>>> Hey guys,
>>>>>
>>>>> We wrote a Barnyard2 replacement we wanted to open source. It's designed to be very extensible with a very simple plugin architecture based around Node.js's package management. Please check it out here: https://github.com/threatstack/pigsty [1]. It's currently in beta but we'd love contributions and help test and write plugins.
>>>>>
>>>>> Here is an example application we wrote using the mysql and web socket output plugins. http://snorby.org:3009/ [2]
>>>>>
>>>>> It's important to note that we will be moving Snorby to this spooler in the future and will no longer support barnyard/2. We plan to open source a few parts of our Threat Stack Incident Response System and unfortunately making barnyard/2 work with our communication protocols and backend is not possible.
>>>>>
>>>>> Either way great things coming to the Snorby project and I'm excited to see what the community builds with Pigsty.
>>>>>
>>>>> Happy NSM hacking!
>>>>>
>>>>> DUSTIN WILLIS WEBBER
>>>>> CEO and Co-Founder at Threat Stack, Inc
>>>>
>>>> "It's important to note that we will be moving Snorby to this spooler in the future and will no longer support barnyard/2."
>>>>
>>>> So say if someone was running sguil in tandem with Snorby....they're going to have to run by2 AND this?
>>>>
>>>> James
-- Best Regards, Steven McLaughlin steve () Lan com au 0459 351 266
------------------------------------------------------------------------------ How ServiceNow helps IT people transform IT departments: 1. A cloud service to automate IT design, transition and operations 2. Dashboards that offer high-level views of enterprise services 3. A single system of record for all IT processes http://p.sf.net/sfu/servicenow-d2d-j
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Pigsty - A Barnyard2 Replacement by Threat Stack Dustin Webber (Jun 03)
- Re: Pigsty - A Barnyard2 Replacement by Threat Stack James Lay (Jun 03)
- Re: Pigsty - A Barnyard2 Replacement by Threat Stack Dustin Webber (Jun 03)
- Re: Pigsty - A Barnyard2 Replacement by Threat Stack Jeremy Hoel (Jun 03)
- Re: Pigsty - A Barnyard2 Replacement by Threat Stack Dustin Webber (Jun 03)
- Re: Pigsty - A Barnyard2 Replacement by Threat Stack James Lay (Jun 03)
- Re: Pigsty - A Barnyard2 Replacement by Threat Stack Steven McLaughlin (Jun 04)
- Re: Pigsty - A Barnyard2 Replacement by Threat Stack Dustin Webber (Jun 03)
- Re: Pigsty - A Barnyard2 Replacement by Threat Stack James Lay (Jun 03)