[Oisf-users] Suricata works; now what?
Doug Burks
doug.burks at gmail.com
Wed May 6 11:57:34 UTC 2015
Hi James,
Here are a few of my favorite interfaces for Suricata alerts:
- Snorby
https://www.snorby.org/
- Squert
http://www.squertproject.org/
- Sguil
https://bammv.github.io/sguil/
- ELSA
https://code.google.com/p/enterprise-log-search-and-archive/
If you'd like to quickly try these interfaces, you could try Security
Onion (which includes Suricata as well):
http://securityonion.net
On Wed, May 6, 2015 at 2:09 AM, James Moe <jimoe at sohnen-moe.com> wrote:
> Hello,
> suricata 2.0.7
> linux 3.16.7-21-desktop x86_64
>
> Suricata seems to be functioning correctly now that I have gotten the
> system set up appropriately.
> I am sure there are automated tools for alerting the user/admin that
> alerts have been discovered.
> What are typical tools for monitoring suricata results?
>
> --
> James Moe
> moe dot james at sohnen-moe dot com
> 520.743.3936
--
Doug Burks
Need Security Onion Training or Commercial Support?
http://securityonionsolutions.com
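The interfaces Doug lists all do the same basic job: consume Suricata's alert output and present it so an analyst notices what matters. As an added example (not code from this thread, from Suricata, or from any of the projects named above), the script below reads Suricata's EVE JSON output (the eve.json log Suricata 2.0 writes when the eve-log output is enabled in suricata.yaml) line by line, keeps only records with event_type "alert", tolerates blank or truncated lines, and builds a summary plus a "notify" list of the highest-severity alerts. Field names (event_type, alert.signature, alert.severity, src_ip, dest_ip, timestamp) are the real EVE alert fields; the sample lines, signature texts and IP addresses are constructed for the example.

```python
import json
from collections import Counter

# Constructed sample eve.json lines for the example (not real traffic).
# Suricata severity: 1 is the most severe, higher numbers are less severe.
SAMPLE_EVE_LINES = [
    '{"timestamp":"2015-05-06T02:09:00.000000+0000","event_type":"alert",'
    '"src_ip":"10.0.0.5","src_port":51234,"dest_ip":"192.0.2.10","dest_port":80,'
    '"proto":"TCP","alert":{"action":"allowed","gid":1,"signature_id":9000001,'
    '"rev":1,"signature":"EXAMPLE POLICY constructed low-priority signature",'
    '"category":"Potentially Bad Traffic","severity":2}}',
    # A flow record: not an alert, must be ignored by the parser.
    '{"timestamp":"2015-05-06T02:09:01.000000+0000","event_type":"flow",'
    '"src_ip":"10.0.0.7","dest_ip":"192.0.2.20","proto":"UDP"}',
    '{"timestamp":"2015-05-06T02:09:02.000000+0000","event_type":"alert",'
    '"src_ip":"10.0.0.9","src_port":40001,"dest_ip":"192.0.2.10","dest_port":22,'
    '"proto":"TCP","alert":{"action":"allowed","gid":1,"signature_id":9000002,'
    '"rev":1,"signature":"EXAMPLE SCAN constructed high-priority signature",'
    '"category":"Attempted Administrator Privilege Gain","severity":1}}',
    # A truncated line, as happens when a log is read while Suricata is writing.
    '{"timestamp":"2015-05-06T02:09:03.000000+0000","event_type":"alert","src_ip":"10.0.',
    "",
    '{"timestamp":"2015-05-06T02:09:04.000000+0000","event_type":"alert",'
    '"src_ip":"10.0.0.9","src_port":40002,"dest_ip":"192.0.2.11","dest_port":22,'
    '"proto":"TCP","alert":{"action":"allowed","gid":1,"signature_id":9000002,'
    '"rev":1,"signature":"EXAMPLE SCAN constructed high-priority signature",'
    '"category":"Attempted Administrator Privilege Gain","severity":1}}',
]


def parse_eve_alerts(lines):
    """Return the alert records found in an iterable of EVE JSON lines.

    Non-alert event types, blank lines and lines that are not valid JSON
    (e.g. a partially written final line) are skipped rather than raising.
    """
    alerts = []
    for line in lines:
        line = line.strip()
        if not line:
            continue
        try:
            record = json.loads(line)
        except json.JSONDecodeError:
            continue
        if record.get("event_type") != "alert" or not isinstance(record.get("alert"), dict):
            continue
        alerts.append(record)
    return alerts


def summarize_alerts(alerts, notify_severity=1):
    """Aggregate alert records into counts and a list of alerts worth notifying on.

    notify_severity is the highest (numerically largest) severity that still
    triggers a notification; with the default of 1 only severity-1 alerts do.
    """
    by_signature = Counter(a["alert"].get("signature", "<no signature>") for a in alerts)
    by_severity = Counter(a["alert"].get("severity", 0) for a in alerts)
    by_src_ip = Counter(a.get("src_ip", "?") for a in alerts)
    notify = [
        (a.get("timestamp"), a["alert"].get("signature"), a.get("src_ip"), a.get("dest_ip"))
        for a in alerts
        if a["alert"].get("severity", 0) and a["alert"]["severity"] <= notify_severity
    ]
    return {
        "total": len(alerts),
        "by_signature": dict(by_signature),
        "by_severity": dict(by_severity),
        "by_src_ip": dict(by_src_ip),
        "notify": notify,
    }


def summarize_eve_file(path, notify_severity=1):
    """Convenience wrapper for a real eve.json on disk (path is the caller's choice)."""
    with open(path, encoding="utf-8") as fh:
        return summarize_alerts(parse_eve_alerts(fh), notify_severity)


if __name__ == "__main__":
    summary = summarize_alerts(parse_eve_alerts(SAMPLE_EVE_LINES))
    print("alerts:", summary["total"])
    for sig, n in sorted(summary["by_signature"].items(), key=lambda kv: -kv[1]):
        print(f"{n:5d}  {sig}")
    for ts, sig, src, dst in summary["notify"]:
        print("NOTIFY", ts, sig, f"{src} -> {dst}")
```

Pointing summarize_eve_file at a live eve.json and running it from cron (or piping the notify list into mail) is the simplest form of the alerting James asks about; the interfaces above add persistence, pivoting and packet context on top of the same records.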