<div dir="ltr"><div><div>There are several possibilities. I personally use Snorby as a user interface which I use for an overview and monitoring of events.<br></div>You can of course also parse the log files (e.g. fast.log) and generate an alert from there. <br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Wed, May 6, 2015 at 8:09 AM, James Moe <span dir="ltr"><<a href="mailto:jimoe@sohnen-moe.com" target="_blank">jimoe@sohnen-moe.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">-----BEGIN PGP SIGNED MESSAGE-----<br>
Hash: SHA1<br>
<br>
Hello,<br>
suricata 2.0.7<br>
linux 3.16.7-21-desktop x86_64<br>
<br>
Suricata seems to be functioning correctly now that I have gotten the<br>
system set up appropriately.<br>
I am sure there are automated tools for alerting the user/admin that<br>
alerts have been discovered.<br>
What are typical tools for monitoring suricata results?<br>
<br>
- --<br>
James Moe<br>
moe dot james at sohnen-moe dot com<br>
520.743.3936<br>
_______________________________________________<br>
Suricata IDS Users mailing list: <a href="mailto:oisf-users@openinfosecfoundation.org">oisf-users@openinfosecfoundation.org</a><br>
Site: <a href="http://suricata-ids.org" target="_blank">http://suricata-ids.org</a> | Support: <a href="http://suricata-ids.org/support/" target="_blank">http://suricata-ids.org/support/</a><br>
List: <a href="https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users" target="_blank">https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users</a><br>
Suricata User Conference November 4 & 5 in Barcelona: <a href="http://oisfevents.net" target="_blank">http://oisfevents.net</a><br>
</blockquote></div><br></div>
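One way to do the fast.log parsing the reply mentions, as an added example that is not code from either poster or from the Suricata project: a small Python parser for fast.log records that picks out alerts by Suricata priority (1 is most severe) and counts hits per signature. The sample lines, rule SIDs and addresses are constructed for illustration.

```python
import re
from collections import Counter

# Suricata fast.log layout, one alert per line:
#   <timestamp>  [**] [gid:sid:rev] <msg> [**] [Classification: ...] [Priority: N] {PROTO} SRC:PORT -> DST:PORT
# The Classification field is omitted when the rule has no classtype.
FAST_RE = re.compile(
    r"^(?P<ts>\d{2}/\d{2}/\d{4}-\d{2}:\d{2}:\d{2}\.\d+)\s+\[\*\*\]\s+"
    r"\[(?P<gid>\d+):(?P<sid>\d+):(?P<rev>\d+)\]\s+(?P<msg>.*?)\s+\[\*\*\]\s+"
    r"(?:\[Classification:\s*(?P<cls>[^\]]*)\]\s+)?"
    r"\[Priority:\s*(?P<prio>\d+)\]\s+"
    r"\{(?P<proto>[^}]+)\}\s+(?P<src>\S+)\s+->\s+(?P<dst>\S+)\s*$"
)

# Constructed sample records in fast.log format (not real traffic or real alerts).
SAMPLE_FAST_LOG = """\
05/06/2015-08:15:23.123456  [**] [1:2100498:7] GPL ATTACK_RESPONSE id check returned root [**] [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 192.0.2.10:80 -> 198.51.100.5:51234
05/06/2015-08:15:24.000001  [**] [1:2210021:1] SURICATA STREAM Packet with broken ack [**] [Classification: Generic Protocol Command Decode] [Priority: 3] {TCP} 198.51.100.5:51234 -> 192.0.2.10:80
05/06/2015-08:15:25.555555  [**] [1:9000001:2] LOCAL test rule without classtype [**] [Priority: 1] {UDP} 203.0.113.7:5353 -> 198.51.100.5:5353
this line is not a fast.log record and must be skipped
05/06/2015-08:15:26.000002  [**] [1:2100498:7] GPL ATTACK_RESPONSE id check returned root [**] [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 192.0.2.10:80 -> 198.51.100.6:40000
"""

def parse_fast_line(line):
    """Return a dict of fields for one fast.log line, or None if it does not parse."""
    m = FAST_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["priority"] = int(rec.pop("prio"))
    rec["sid"] = int(rec["sid"])
    rec["classification"] = rec.pop("cls") or "unclassified"
    return rec

def parse_fast_log(text):
    """Parse every line, skipping anything that is not an alert record (e.g. truncated writes)."""
    return [r for r in (parse_fast_line(l) for l in text.splitlines()) if r]

def alerts_to_notify(records, max_priority=2):
    """Alerts worth paging about: keep records whose priority is <= max_priority."""
    return [r for r in records if r["priority"] <= max_priority]

def summarize_by_signature(records):
    """Count alerts per (sid, msg) so a flood from one rule collapses to one line."""
    return Counter((r["sid"], r["msg"]) for r in records)
```

Feeding `parse_fast_log` the contents of a rotated fast.log (or lines from a tail loop) and sending `alerts_to_notify` to e-mail or a chat hook gives a minimal notifier; the summary keeps one noisy rule from drowning the rest.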