[Oisf-users] Suricata Logs

Alan Wanderley dos Santos alan.santos at rnp.br
Mon Jul 27 18:52:23 UTC 2015


I have never used it for this, but does the Snorby tool not work for that? 

Another option is to use syslog. There are some open-source SIEMs, for example OSSIM. 


Alan Santos 
Security Analyst 
Security Incident Response Center (CAIS) 
Rede Nacional de Ensino e Pesquisa (RNP) 
(19) 3787-3314 | alan.santos at rnp.br 

From: "Saxena, Samiksha" <samiksha.saxena at verizon.com> 
To: "oisf-users" <oisf-users at lists.openinfosecfoundation.org> 
Sent: Monday, 27 July 2015 14:53:45 
Subject: [Oisf-users] Suricata Logs 


I will have more than 20 Suricata engines, where each Suricata engine will generate logs based on rules. I want to collect all the logs in one common place from each Suricata engine. How should I achieve this? 
Also, what is the value of the log files, and how often are the logs generated? 


Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org 
Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/ 
List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users 
Suricata User Conference November 4 & 5 in Barcelona: http://oisfevents.net 
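The syslog route suggested above ends with one receiver holding lines from every sensor, so the next question is what to do with them centrally. The following is an added example, not code from the thread or from the Suricata project: a small Python collector that parses syslog lines carrying Suricata EVE JSON records from several sensors, keeps the originating hostname as the sensor identity, skips lines that are not EVE records, and answers a question that only a central store can answer (which signatures fired on more than one sensor). The syslog lines, hostnames, IP addresses and process IDs are constructed for this example; the two signature names and IDs are illustrative sample values.

```python
import json
import re
from collections import Counter, defaultdict

# Constructed sample: lines a central rsyslog receiver might write when several
# Suricata sensors forward their EVE JSON output over syslog. Hostnames, IPs,
# PIDs and the specific alerts are made up for this example.
SAMPLE_SYSLOG_LINES = [
    'Jul 27 18:52:23 sensor01 suricata[1201]: {"timestamp":"2015-07-27T18:52:23.000001+0000","event_type":"alert","src_ip":"10.0.0.5","dest_ip":"10.0.1.9","alert":{"signature_id":2100498,"signature":"GPL ATTACK_RESPONSE id check returned root","severity":2}}',
    'Jul 27 18:52:24 sensor02 suricata[1308]: {"timestamp":"2015-07-27T18:52:24.000001+0000","event_type":"alert","src_ip":"10.0.2.7","dest_ip":"10.0.1.9","alert":{"signature_id":2100498,"signature":"GPL ATTACK_RESPONSE id check returned root","severity":2}}',
    'Jul 27 18:52:25 sensor01 suricata[1201]: {"timestamp":"2015-07-27T18:52:25.000001+0000","event_type":"http","src_ip":"10.0.0.5","dest_ip":"10.0.1.9","http":{"hostname":"example.test","url":"/"}}',
    'Jul 27 18:52:26 sensor03 suricata[1410]: this line is not JSON and must be skipped',
    'Jul 27 18:52:27 sensor02 suricata[1308]: {"timestamp":"2015-07-27T18:52:27.000001+0000","event_type":"alert","src_ip":"10.0.2.8","dest_ip":"10.0.1.10","alert":{"signature_id":2010935,"signature":"ET SCAN Suspicious inbound to MSSQL port 1433","severity":2}}',
]

# Classic BSD-style syslog line: "<Mon DD HH:MM:SS> <host> suricata[pid]: <payload>".
SYSLOG_RE = re.compile(
    r'^(?P<ts>[A-Z][a-z]{2}\s+\d{1,2} \d{2}:\d{2}:\d{2}) '
    r'(?P<host>\S+) suricata(?:\[\d+\])?: (?P<payload>.*)$'
)


def parse_syslog_line(line):
    """Return (sensor_host, eve_record) or None if the line is not an EVE record."""
    m = SYSLOG_RE.match(line)
    if not m:
        return None
    try:
        record = json.loads(m.group("payload"))
    except json.JSONDecodeError:
        return None
    # Every EVE record carries event_type; anything else is not a Suricata event.
    if not isinstance(record, dict) or "event_type" not in record:
        return None
    return m.group("host"), record


def summarize(lines):
    """Aggregate EVE records from many sensors.

    Returns a dict with:
      events_per_sensor:   Counter keyed by (sensor, event_type)
      alerts_by_signature: signature name -> set of sensors that fired it
      skipped:             number of lines that were not parseable EVE records
    """
    events_per_sensor = Counter()
    alerts_by_signature = defaultdict(set)
    skipped = 0
    for line in lines:
        parsed = parse_syslog_line(line)
        if parsed is None:
            skipped += 1
            continue
        host, record = parsed
        events_per_sensor[(host, record["event_type"])] += 1
        if record["event_type"] == "alert":
            sig = record.get("alert", {}).get("signature", "<unknown>")
            alerts_by_signature[sig].add(host)
    return {
        "events_per_sensor": events_per_sensor,
        "alerts_by_signature": dict(alerts_by_signature),
        "skipped": skipped,
    }


def signatures_seen_on_multiple_sensors(summary, min_sensors=2):
    """Signatures that fired on at least min_sensors distinct sensors: the kind of
    cross-sensor view that is only available once the logs are centralized."""
    return sorted(
        sig for sig, hosts in summary["alerts_by_signature"].items()
        if len(hosts) >= min_sensors
    )


if __name__ == "__main__":
    s = summarize(SAMPLE_SYSLOG_LINES)
    for (host, etype), n in sorted(s["events_per_sensor"].items()):
        print(f"{host:10s} {etype:8s} {n}")
    print("seen on more than one sensor:", signatures_seen_on_multiple_sensors(s))
    print("skipped lines:", s["skipped"])
```

On the sensor side, Suricata's `eve-log` output in suricata.yaml accepts `filetype: syslog` (with `identity` and `facility` keys) instead of writing eve.json to disk, and the host's syslog daemon then forwards to the collector; that part is standard Suricata configuration rather than anything shown in this thread. The parser above is deliberately strict: a line that does not carry an `event_type` field is counted as skipped rather than guessed at, so a malformed or truncated record from one sensor cannot be attributed to another.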