[Oisf-users] replacing snort with suricata under sguil 0.7.0
Victor Julien
victor at inliniac.net
Sat Mar 26 11:52:44 UTC 2011
On 03/26/2011 12:07 AM, carlopmart wrote:
> Hi all,
>
> I am trying to replace one snort sensor with suricata. This sensor is
> configured against a sguil 0.7.0 server.
>
> I am seeing some options configured in some sguil agent configuration
> files that differ for suricata. For example, in the snort_agent.conf file:
>
> set SNORT_PERF_FILE "${LOG_DIR}/${HOSTNAME}/snort.stats"
>
> Obviously, suricata parses the stats file in a different manner. But is it
> possible to integrate suricata under sguil 0.7.0? What options do I
> need to disable or enable to do this?
>
> Many thanks.
>
You will have to disable the stats. Sguil doesn't have support for
Suricata's stats yet.
Sguil and Suricata mix well, I run it myself.
Cheers,
Victor
--
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------