[Oisf-users] suricata sensor_id -> barnyard2 : config alert_with_interface_name
Mark Ashley
mark at ibiblio.org
Wed Jan 1 10:45:05 UTC 2014
What's that Linux thing? We use Solaris. :)
On 01/01/2014, at 18:47, "Cooper F. Nelson" <cnelson at ucsd.edu> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Is there any reason you can't use network bonding?
>
> https://www.kernel.org/doc/Documentation/networking/bonding.txt
>
> On 12/20/2013 1:13 AM, Mark Ashley wrote:
>> If your suricata monitors more than one interface (7 in my case), the
>> single, static interface you are supposed to hardcod into the
>> barnyard2.conf file doesn't make much sense. barnyard is using a unique
>> sensor name of hostname:NULL if you don't give it the interface.
>>
>
>
> - --
> Cooper Nelson
> Network Security Analyst
> UCSD ACT Security Team
> cnelson at ucsd.edu x41042
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2.0.17 (MingW32)
> Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
>
> iQEcBAEBAgAGBQJSw8gpAAoJEKIFRYQsa8FWZr4H+gLX72+whbokY9VWfyugJ0vr
> eUl3lflhDzQDU609NB8G1jI3uVuq1WSfzn1bDgNdr+sS4T2oCYIp4A+ldDLCdlQq
> lFhJH9vle6e76BomLocOu3wud88qNJsgRhiZ/cRE1xfNQxZ9dy6ZR2eqoWNEylW1
> IIPzVBTNwB9aAQaZfEbqPeuXHGC397VKPlX++cGJ2NyA6NESpZtwGyPcjE9VkQI1
> XIXJXmljYa24XoPJSfjoPkvDrWjDaqfi26/guGL1Nhs5RXnFXvM0uC23nd4cX9ap
> m2O9oORo+UnPR3a0ey0OOK0TwotVEZn3GE2YFj2QRdPsAP43N/oMUz+GwzXFhnU=
> =dGdP
> -----END PGP SIGNATURE-----
More information about the Oisf-users
mailing list