[Oisf-users] suricata sensor_id -> barnyard2 : config alert_with_interface_name
Cooper F. Nelson
cnelson at ucsd.edu
Wed Jan 1 07:47:53 UTC 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Is there any reason you can't use network bonding?
https://www.kernel.org/doc/Documentation/networking/bonding.txt
On 12/20/2013 1:13 AM, Mark Ashley wrote:
> If your suricata monitors more than one interface (7 in my case), the
> single, static interface you are supposed to hardcod into the
> barnyard2.conf file doesn't make much sense. barnyard is using a unique
> sensor name of hostname:NULL if you don't give it the interface.
>
- --
Cooper Nelson
Network Security Analyst
UCSD ACT Security Team
cnelson at ucsd.edu x41042
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQEcBAEBAgAGBQJSw8gpAAoJEKIFRYQsa8FWZr4H+gLX72+whbokY9VWfyugJ0vr
eUl3lflhDzQDU609NB8G1jI3uVuq1WSfzn1bDgNdr+sS4T2oCYIp4A+ldDLCdlQq
lFhJH9vle6e76BomLocOu3wud88qNJsgRhiZ/cRE1xfNQxZ9dy6ZR2eqoWNEylW1
IIPzVBTNwB9aAQaZfEbqPeuXHGC397VKPlX++cGJ2NyA6NESpZtwGyPcjE9VkQI1
XIXJXmljYa24XoPJSfjoPkvDrWjDaqfi26/guGL1Nhs5RXnFXvM0uC23nd4cX9ap
m2O9oORo+UnPR3a0ey0OOK0TwotVEZn3GE2YFj2QRdPsAP43N/oMUz+GwzXFhnU=
=dGdP
-----END PGP SIGNATURE-----
More information about the Oisf-users
mailing list