[Oisf-users] How to deploy suricata

Chris Boley ilgtech75 at gmail.com
Wed Aug 1 22:46:31 UTC 2018


Utkarsh, upon re-reading your question, I realized that I may have
misunderstood your question. Are you asking how to position a sensor to
monitor 120 endpoints? Or are you asking how to aggregate logging from 120
sensors?

On Wed, Aug 1, 2018 at 6:38 PM Chris Boley <ilgtech75 at gmail.com> wrote:

> Look up OwlH; they’ve created an integration package to put on your
> Suricata sensor and ship the logs to OSSEC / WAZUH.
>
> Chris
>
> On Mon, Jul 30, 2018 at 4:11 PM Cooper F. Nelson <cnelson at ucsd.edu> wrote:
>
>> If you are a Cisco shop you should check out ERSPAN:
>>
>> https://packetpushers.net/erspan-new-favorite-packet-capturing-trick/
>>
>> -Coop
>>
>> On 7/28/2018 12:48 AM, Utkarsh Bhargava wrote:
>> > Hi All,
>> >
>> > How to monitor the entire network (120 nodes) using Suricata? Do I
>> > need to install Suricata on each device, or is there something like
>> > Suricata agents as we have in OSSEC?
>> >
>> > Please help me!
>> >
>> >
>> > Regards
>> >
>> >
>> > _______________________________________________
>> > Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
>> > Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
>> > List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
>> >
>> > Conference: https://suricon.net
>> > Trainings: https://suricata-ids.org/training/
>>
>> --
>> Cooper Nelson
>> Network Security Analyst
>> UCSD ITS Security Team
>> cnelson at ucsd.edu x41042
>>
>>
>
>