[Oisf-users] Suricata works; now what?

Christophe Vandeplas christophe at vandeplas.com
Wed May 6 13:22:05 UTC 2015


There's also Scirius: https://github.com/StamusNetworks/Scirius .
It's meant to do a little bit more than just processing events. It's
also about managing your suricata config and rules.



On 6 May 2015 at 08:29, Erich Lerch <erich.lerch at gmail.com> wrote:
> James,
> you have several options (apart from just watching the fast.log with "tail -f"):
>
> - Elasticsearch/Kibana (ELK stack): https://www.elastic.co/
> - EVEbox (https://github.com/jasonish/evebox), also based on Elasticsearch
> - Snorby (https://snorby.org/)
> - Splunk (especially if you already have an instance running)
>
> Then there is OSSIM and ELSA, too, I have no experience with those, however.
>
> --
> erich
>
> 2015-05-06 8:09 GMT+02:00 James Moe <jimoe at sohnen-moe.com>:
>> Hello,
>>   suricata 2.0.7
>>   linux 3.16.7-21-desktop x86_64
>>
>>   Suricata seems to be functioning correctly now that I have gotten the
>> system set up appropriately.
>>   I am sure there are automated tools for alerting the user/admin that
>> alerts have been discovered.
>>   What are typical tools for monitoring suricata results?
>>
>> - --
>> James Moe
>> moe dot james at sohnen-moe dot com
>> 520.743.3936
>> _______________________________________________
>> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
>> Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
>> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
>> Suricata User Conference November 4 & 5 in Barcelona: http://oisfevents.net
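All of the options listed in the thread start from Suricata's own output files: fast.log (the file "tail -f" watches) and eve.json (the JSON feed that EVEbox and the ELK stack ingest). As an added example that is not part of any post in this thread, the Python script below parses both formats from constructed sample lines and produces the kind of minimal summary an admin wants before adopting one of those tools: alert counts per signature and per source address, plus the alerts at or above a chosen priority. The sids, IP addresses and signature names are constructed sample values; the line layout and field names follow what Suricata writes to fast.log and to EVE alert records.

```python
"""Summarise Suricata alerts from fast.log and eve.json without a full ELK stack.

Added example for this thread. Every input line below is constructed sample
data; none of it comes from a real sensor.
"""
import json
import re
from collections import Counter

# Constructed fast.log lines in the layout Suricata writes (sids, IPs and
# signature names are sample values, not real rules).
FAST_LOG_SAMPLE = """\
05/06/2015-08:09:01.000001  [**] [1:1000001:1] LOCAL example inbound scan [**] [Classification: Attempted Information Leak] [Priority: 2] {TCP} 203.0.113.10:44321 -> 192.0.2.5:22
05/06/2015-08:09:02.000002  [**] [1:1000001:1] LOCAL example inbound scan [**] [Classification: Attempted Information Leak] [Priority: 2] {TCP} 203.0.113.10:44322 -> 192.0.2.6:22
05/06/2015-08:09:03.000003  [**] [1:1000002:1] LOCAL example icmp probe [**] [Classification: Misc activity] [Priority: 3] {ICMP} 203.0.113.10 -> 192.0.2.5
"""

# Constructed eve.json records: one alert event plus one non-alert event that
# a monitoring script must skip (EVE logs http, dns, flow and other types too).
EVE_SAMPLE = """\
{"timestamp":"2015-05-06T08:09:04.000004+0200","event_type":"alert","src_ip":"198.51.100.7","src_port":51000,"dest_ip":"192.0.2.5","dest_port":80,"proto":"TCP","alert":{"action":"allowed","gid":1,"signature_id":1000003,"rev":1,"signature":"LOCAL example webshell request","category":"Web Application Attack","severity":1}}
{"timestamp":"2015-05-06T08:09:05.000005+0200","event_type":"http","src_ip":"192.0.2.5","src_port":51001,"dest_ip":"198.51.100.7","dest_port":80,"proto":"TCP","http":{"hostname":"example.test","url":"/"}}
"""

# fast.log layout: <ts>  [**] [gid:sid:rev] <msg> [**] [Classification: ...]
# [Priority: N] {PROTO} src[:port] -> dst[:port]. Ports are absent for ICMP.
FAST_RE = re.compile(
    r"^(?P<ts>\S+)\s+\[\*\*\]\s+\[(?P<gid>\d+):(?P<sid>\d+):(?P<rev>\d+)\]\s+"
    r"(?P<msg>.*?)\s+\[\*\*\]\s+(?:\[Classification:\s+(?P<cat>[^\]]*)\]\s+)?"
    r"\[Priority:\s+(?P<prio>\d+)\]\s+\{(?P<proto>\w+)\}\s+"
    r"(?P<src>\S+?)(?::(?P<sport>\d+))?\s+->\s+(?P<dst>\S+?)(?::(?P<dport>\d+))?$"
)


def parse_fast_log(text):
    """Parse fast.log lines into normalised alert dicts; unparseable lines are skipped."""
    alerts = []
    for line in text.splitlines():
        m = FAST_RE.match(line.strip())
        if not m:
            continue
        alerts.append({
            "ts": m["ts"],
            "sid": int(m["sid"]),
            "signature": m["msg"],
            "category": m["cat"] or "",
            "priority": int(m["prio"]),
            "proto": m["proto"],
            "src_ip": m["src"],
            "dest_ip": m["dst"],
        })
    return alerts


def parse_eve(text):
    """Parse eve.json (one JSON object per line), keeping only event_type == "alert"."""
    alerts = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            ev = json.loads(line)
        except ValueError:
            continue  # half-written line, e.g. read while Suricata is still appending
        if ev.get("event_type") != "alert":
            continue
        a = ev["alert"]
        alerts.append({
            "ts": ev["timestamp"],
            "sid": a["signature_id"],
            "signature": a["signature"],
            "category": a.get("category", ""),
            "priority": a["severity"],  # EVE's "severity" is fast.log's "Priority"
            "proto": ev.get("proto", ""),
            "src_ip": ev.get("src_ip", ""),
            "dest_ip": ev.get("dest_ip", ""),
        })
    return alerts


def summarize(alerts, max_priority=2):
    """Aggregate alerts; "attention" holds those with priority <= max_priority (1 is most severe)."""
    return {
        "total": len(alerts),
        "by_signature": Counter(a["signature"] for a in alerts),
        "by_src_ip": Counter(a["src_ip"] for a in alerts),
        "attention": [a for a in alerts if a["priority"] <= max_priority],
    }


if __name__ == "__main__":
    report = summarize(parse_fast_log(FAST_LOG_SAMPLE) + parse_eve(EVE_SAMPLE))
    print("total alerts:", report["total"])
    for sig, n in report["by_signature"].most_common():
        print(f"{n:4d}  {sig}")
    for a in report["attention"]:
        print(f"prio {a['priority']} sid {a['sid']} {a['src_ip']} -> {a['dest_ip']}: {a['signature']}")
```

To run this against a live sensor, replace the two sample strings with the contents of the sensor's fast.log and eve.json (by default under /var/log/suricata/, assuming the stock suricata.yaml paths). The JSON parser skips non-alert event types and partially written lines on purpose, since eve.json carries many event types and is appended to continuously; anything more elaborate than this (retention, search, dashboards, per-host ownership) is exactly what the tools named in the thread provide.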
