Differences

This shows you the differences between two versions of the page.

--- snort_and_snorby [2014/05/09 21:56] – [Install and start Snorby] admin
+++ snort_and_snorby [2014/06/10 12:03] – admin
@@ Line 1: / Line 1: @@
+{{tag>[security snort]}}
 =====Snort and Snorby=====
 This guide will help you install a Snort sensor and the Snorby web interface.
@@ Line 111: / Line 114: @@
 edit /usr/local/etc/barnyard2.conf
+config reference_file:      /usr/local/snort/etc/reference.config
+config classification_file: /usr/local/snort/etc/classification.config
+config gen_file:            /usr/local/snort/etc/gen-msg.map
+config sid_file:            /usr/local/snort/etc/sid-msg.map
+config logdir: /mnt/snort/log
+config hostname:   snort
+config interface:  eth1
+config daemon
+config waldo_file: /mnt/snort/bylog.waldo
+config archivedir: /mnt/snort/archive
+input unified2
+output alert_fast: /mnt/snort/log/barnyard2.alert
+output database: log, mysql, user=snort password=snortpass dbname=snorby host=snorby
 ln -s /etc/snort/gen-msg.map /usr/local/snort/etc
-/usr/local/bin/barnyard2 -c /usr/local/etc/barnyard2.conf -d /mnt/snort/log -f snort_eth1.u2 -w /mnt/snort/bylog.waldo
+/usr/local/bin/barnyard2 -c /usr/local/etc/barnyard2.conf -d /mnt/snort/log -f snort_eth1.u2
 </code>