[Oisf-users] Suricata-GUI

Anas.B a.bouhsaina at gmail.com
Tue Jul 6 12:09:54 UTC 2010


I think the first thing to install is the database, but there is no
script to create the tables, as with Snort!!
And there is no

  # output alert_unified: filename snort.alert, limit 128
  # output log_unified: filename snort.log, limit 128

in suricata.yaml; we don't have any reference!
Or do we not need to indicate this, and the files are already unified2?

Also to get Barnyard's Output

   - Log_acid_db : database type (MySQL)
   - Database : name of the Snort database (snort)
   - Server : server name (localhost)
   - User : user name for connecting to the Snort database
   - Password : associated password
   - Detail : level of detail (full)

I should already have a database!!
So what is its structure!!!

thanks.

Anas

2010/6/22 Brant Wells <bwells at tfc.edu>

> I would recommend starting with BASE from
>
> http://base.secureideas.net/
>
> Follow the documentation from there and get the web pages to load (of
> course, there won't be any information in them).
>
> That will be a start.  Once you get that installed, write back and we can
> give you some pointers for getting Barnyard working with Suricata.
>
> See yas!
> ~Brant
>
>
> On Tue, Jun 22, 2010 at 12:22 PM, Anas.B <a.bouhsaina at gmail.com> wrote:
>
>> Please, can u guide, where can i find the Install solution ? (with
>> Suricata)
>>
>>
>> Thank you.
>>
>> 2010/6/22 Will Metcalf <william.metcalf at gmail.com>
>>
>> Yes they do. But you can use barnyard/barnyard2 to feed the respective
>>> databases using the unified/unifed2 output from suricata.
>>>
>>> Regards,
>>>
>>> Will
>>>
>>> On Tue, Jun 22, 2010 at 10:13 AM, Martin Spinassi
>>> <martins.listz at gmail.com> wrote:
>>> > On Tue, 2010-06-22 at 09:43 -0500, Will Metcalf wrote:
>>> >> You can use anything that will take output from barnyard or can handle
>>> >> unified/unified2 output natively.  These tend to be the most popular
>>> >> ones I think, although I'm sure there are many more.
>>> >>
>>> >> http://base.secureideas.net/
>>> >> http://snorby.org/
>>> >> http://sguil.sourceforge.net/
>>> >>
>>> >> Regards,
>>> >>
>>> >> Will
>>> >
>>> > Will,
>>> >
>>> > AFAIK, those GUI tools need a database to gather Suricata's statistics,
>>> > but suricata works with plain logs, not with a db, am I right?
>>> >
>>> >
>>> > Regards,
>>> >
>>> > Martin
>>> >
>>> >
>>>
>>
>>
>> _______________________________________________
>> Oisf-users mailing list
>> Oisf-users at openinfosecfoundation.org
>> http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
>>
>>
>
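The piece the thread keeps circling back to is the Suricata side of the Suricata -> unified2 -> barnyard2 -> database -> BASE chain. The excerpt below is an added example, not part of this thread or of the Suricata project's shipped configuration; the log directory, spool file name and size limit are assumptions chosen for illustration.

```yaml
# Added example (not from this thread): the output stanza that makes
# Suricata write the binary unified2 spool that barnyard2 reads.
# Paths, the file name and the 32mb limit are assumptions; adjust them
# to the local install.

default-log-dir: /var/log/suricata/     # assumed; barnyard2's -d points here

outputs:
  # Unified2 is the one binary format barnyard2 consumes. There is no
  # separate alert_unified / log_unified pair as in snort.conf: a single
  # unified2 file carries each alert together with the packet that
  # triggered it, so one stanza replaces both snort.conf lines.
  - unified2-alert:
      enabled: yes
      filename: unified2.alert      # spool prefix; same string as barnyard2 -f
      limit: 32mb                   # rotate the spool file at this size
```

The table layout the GUI expects is not created by Suricata at all: it comes from the `schemas/create_mysql` script shipped in the barnyard2 source tree (`mysql -u root -p snort < schemas/create_mysql` after creating an empty `snort` database). barnyard2.conf then needs a database output line of the form `output database: log, mysql, user=snort password=<placeholder> dbname=snort host=localhost`, and the reader is started against the spool directory with `barnyard2 -c /etc/suricata/barnyard2.conf -d /var/log/suricata -f unified2.alert -w /var/log/suricata/barnyard2.waldo`; the waldo file records how far into the spool barnyard2 has read, so restarts do not re-insert old events. Give the barnyard2 account only the INSERT, SELECT and UPDATE rights it needs on that one database rather than reusing an administrative login, since its password sits in a plain-text config file. Note for readers on current releases: the `unified2-alert` output was removed in Suricata 5.0, where EVE JSON logging is the supported path to a database or SIEM.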