[Oisf-users] How we Use Suricata ?
Victor Julien
victor at inliniac.net
Mon Jun 7 10:38:17 UTC 2010
From my post:
"There are 3 log files in /var/log/suricata that will be interesting to
monitor:
- stats.log: displays statistics on packets, tcp sessions etc.
- fast.log: an alerts log similar to Snort's fast log.
- http.log: displays HTTP requests in an Apache-style format"
So that's a start. The unified and unified2 files can be used with
barnyard and barnyard2 to use frontends like BASE, Sguil, etc...
Cheers,
Victor
Anas.B wrote:
> Good Morning,
>
> I've applied this tutorial
> http://www.inliniac.net/blog/2010/05/10/setting-up-suricata-0-9-0-for-initial-use-on-ubuntu-lucid-10-04.html
>
> Now I'm at the end; after typing this command: # suricata -c
> /etc/suricata/suricata.yaml -i eth0 --user suricata --group suricata
>
> Suricata starts, and I have this message
>
> [2087] 9/5/2010 — 18:17:47 – (tm-threads.c:1362)
> (TmThreadWaitOnThreadInit) — all 8 packet processing threads, 3
> management threads initialized, engine started.
>
> Now what is the next step? How can I visualise or understand what's
> happening!!
>
> Thank you.
--
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------
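As an added example (not from Victor's post or the Suricata project), a small Python triage script that parses fast.log lines in the Snort-style "fast" format Suricata writes and summarises them by signature, priority and source address, which is one answer to "what is the next step". The sample lines, SIDs and addresses are constructed, not real alerts.

```python
import re
from collections import Counter

# One fast.log alert line in Suricata's Snort-style "fast" format:
#   <MM/DD/YYYY-HH:MM:SS.usec>  [**] [gid:sid:rev] <msg> [**] [Classification: <text>]
#   [Priority: <n>] {<proto>} <src>[:<port>] -> <dst>[:<port>]  (no ports for e.g. ICMP)
FAST_RE = re.compile(
    r"^(?P<ts>\d{2}/\d{2}/\d{4}-\d{2}:\d{2}:\d{2}\.\d+)\s+"
    r"\[\*\*\]\s+\[(?P<gid>\d+):(?P<sid>\d+):(?P<rev>\d+)\]\s+(?P<msg>.*?)\s+\[\*\*\]\s+"
    r"(?:\[Classification:\s+(?P<cls>[^\]]*)\]\s+)?\[Priority:\s+(?P<prio>\d+)\]\s+"
    r"\{(?P<proto>[A-Za-z0-9]+)\}\s+"
    r"(?P<src>[0-9A-Fa-f.:]+?)(?::(?P<sport>\d+))?\s+->\s+"
    r"(?P<dst>[0-9A-Fa-f.:]+?)(?::(?P<dport>\d+))?\s*$"
)

def parse_fast_line(line):
    """Return the alert fields as a dict, or None for lines that are not alerts."""
    m = FAST_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    for key in ("gid", "sid", "rev", "prio", "sport", "dport"):
        rec[key] = int(rec[key]) if rec[key] is not None else None
    return rec

def summarize(lines):
    """Aggregate alert lines by signature, priority and source; count unparsed lines."""
    by_signature, by_priority, by_source = Counter(), Counter(), Counter()
    unparsed = 0
    for line in lines:
        rec = parse_fast_line(line)
        if rec is None:
            unparsed += 1          # counted so that silent format drift is noticed
            continue
        by_signature[(rec["sid"], rec["msg"])] += 1
        by_priority[rec["prio"]] += 1
        by_source[rec["src"]] += 1
    return {"by_signature": by_signature, "by_priority": by_priority,
            "by_source": by_source, "unparsed": unparsed}

# Constructed sample lines (local SIDs, documentation IP ranges), not real alerts.
SAMPLE_FAST_LOG = """
06/07/2010-10:38:17.123456  [**] [1:1000001:1] LOCAL Example HTTP request to monitored host [**] [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 203.0.113.7:49152 -> 192.0.2.10:80
06/07/2010-10:38:19.654321  [**] [1:1000001:1] LOCAL Example HTTP request to monitored host [**] [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 198.51.100.3:51000 -> 192.0.2.10:80
06/07/2010-10:39:02.000001  [**] [1:1000002:1] LOCAL Example ICMP echo [**] [Classification: Misc activity] [Priority: 3] {ICMP} 198.51.100.3 -> 192.0.2.10
this line is not an alert and is counted as unparsed
""".strip().splitlines()

if __name__ == "__main__":
    s = summarize(SAMPLE_FAST_LOG)
    for (sid, msg), n in s["by_signature"].most_common():
        print(f"{n:4d}  sid {sid}  {msg}")
    print("priority:", dict(s["by_priority"]), "sources:", s["by_source"].most_common(3),
          "unparsed:", s["unparsed"])
```

Pointing `summarize` at the lines of /var/log/suricata/fast.log gives a first picture of which signatures fire most and from where, before a frontend such as BASE or Sguil is set up.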