[Oisf-users] Frontend/Console supporting IPv6

Martin Holste mcholste at gmail.com
Sat Apr 21 13:54:44 UTC 2012


If you export as syslog, there are a lot of frontends that will work,
but you won't have direct packet access for viewing the alert.
However, if you have full packet capture alongside, then that doesn't
matter as much.  Also, if you ship Suricata's HTTP log into the same
syslog, you will get the URL right next to the alert, which in a lot
of cases is as good as having the packet information.

On Sat, Apr 21, 2012 at 4:04 AM, Victor Julien <victor at inliniac.net> wrote:
> On 04/19/2012 04:03 PM, Sander Klein wrote:
>> On 05.04.2012 09:13, Sander Klein wrote:
>>> Hi All,
>>>
>>> I'm having a bit of a problem with IPv6 which is not really Suricata
>>> related, but I would like to know if or how Suricata users using IPv6
>>> fixed this.
>>>
>>> The problem is that while Suricata/Snort and for instance Snorby
>>> support IPv6, I can't find a solution to get IPv6 addresses logged
>>> in a database which both Suricata and Snorby can use. When using the
>>> unified2 format and Barnyard2 to put the log lines in a database the
>>> entries containing IPv6 are empty.
>>>
>>> Does anyone have a solution for this? Or am I just missing something?
>>
>> Sorry for replying to myself, but is no-one using Suricata with an IPv6
>> capable frontend? I'm curious, what are people using as a frontend?
>>
>> I see a lot of talk about IPv6 on this list but I cannot find anything
>> about using Suricata with a frontend which is also IPv6 capable. I can't
>> imagine I'm the only one with this problem.
>
> Hey Sander, afaics there is none currently. Lots of talk about it
> indeed, but it hasn't happened yet.
>
> --
> ---------------------------------------------
> Victor Julien
> http://www.inliniac.net/
> PGP: http://www.inliniac.net/victorjulien.asc
> ---------------------------------------------
>
> _______________________________________________
> Oisf-users mailing list
> Oisf-users at openinfosecfoundation.org
> http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
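
Added example, not part of the original thread or of Suricata: a sketch of the syslog approach described in the reply at the top, pairing each alert line with the HTTP log lines for the same flow so the URL appears next to the alert, with IPv6 addresses compared as parsed values rather than strings. It assumes the syslog message body carries Suricata's text fast.log and http.log line layouts; the sample lines, host names, rule ID and function names are constructed for illustration.

```python
import ipaddress
import re
from datetime import datetime, timedelta

TS = r"(\d\d/\d\d/\d{4}-\d\d:\d\d:\d\d\.\d{1,6})"
# Greedy \S+ backtracks to the LAST colon, so "2001:db8::10:49152" splits
# into address "2001:db8::10" and port "49152".
FLOW = r"(\S+):(\d+) -> (\S+):(\d+)\s*$"
ALERT_RE = re.compile(TS + r"\s+\[\*\*\] \[(\d+:\d+:\d+)\] (.*?) \[\*\*\].*\{\w+\} " + FLOW)
HTTP_RE = re.compile(TS + r" (\S+) \[\*\*\] (\S+) \[\*\*\] .*? \[\*\*\] " + FLOW)

# Constructed sample syslog lines (assumed layout, documentation addresses).
SAMPLE_LINES = [
    "Apr 21 13:54:40 sensor suricata: 04/21/2012-13:54:40.100000 www.example.com [**] /index.html [**] Mozilla/5.0 [**] 2001:db8::10:49152 -> 2001:db8::80:80",
    "Apr 21 13:54:41 sensor suricata: 04/21/2012-13:54:41.200000  [**] [1:1000001:1] Constructed test rule [**] [Classification: Misc activity] [Priority: 3] {TCP} 2001:DB8:0:0:0:0:0:10:49152 -> 2001:db8::80:80",
    "Apr 21 13:54:42 sensor suricata: 04/21/2012-13:54:42.300000  [**] [1:1000002:1] Constructed SSH rule [**] [Classification: Misc activity] [Priority: 3] {TCP} 192.0.2.5:40000 -> 192.0.2.9:22",
]

def parse_ts(text):
    return datetime.strptime(text, "%m/%d/%Y-%H:%M:%S.%f")

def flow_key(src, sport, dst, dport):
    # ip_address() normalises case and zero compression, so different
    # spellings of one IPv6 address produce the same key.
    return (ipaddress.ip_address(src), int(sport),
            ipaddress.ip_address(dst), int(dport))

def correlate(lines, window=timedelta(seconds=5)):
    """Return one dict per alert with the URLs seen on the same flow."""
    alerts, http = [], []
    for line in lines:
        m = ALERT_RE.search(line)
        if m:
            alerts.append((parse_ts(m[1]), flow_key(*m.group(4, 5, 6, 7)), m[2], m[3]))
            continue
        m = HTTP_RE.search(line)
        if m:
            url = "http://%s%s" % (m[2], m[3])
            http.append((parse_ts(m[1]), flow_key(*m.group(4, 5, 6, 7)), url))
    results = []
    for ts, key, sid, msg in alerts:
        urls = [u for hts, hkey, u in http
                if hkey == key and abs(ts - hts) <= window]
        results.append({"sid": sid, "msg": msg, "src": str(key[0]), "urls": urls})
    return results

if __name__ == "__main__":
    for row in correlate(SAMPLE_LINES):
        print(row)
```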
