Shawn Jefferson

Type: Person
Name: Shawn Jefferson
First reported Jun 05 2014 - Updated Jun 06 2014 - 2 reports

Re: Performance Monitor

Posted by Budinich Galvez, Luis Alberto on Jun 06 Shawn, that's what I'm looking for, but don't know how to config in my snort.conf file.Jaime, good to know this but now I'm not able to use SNMP. First, I think I need to tune my configuration.Thanks ... [Published Seclists.org - Snort - Jun 06 2014]
First reported May 28 2014 - Updated May 28 2014 - 1 reports

Re: How to threshold ALL sigs

Posted by Nicholas Mavis (nmavis) on May 28 Bradley,Snort does have global thresholding. Please refer to Event Filtering inthe following link: http://manual.snort.org/node19.html#SECTION00342000000000000000 Using gen_id 0, sig_id 0 is used to specify ... [Published Seclists.org - Snort - May 28 2014]
Entities: Shawn Jefferson
First reported May 23 2014 - Updated May 23 2014 - 1 reports

Re: Tagging

Posted by Steve Crow on May 23 You might consider SiLk for efficiently collecting lots of the data forlater analysis: https://tools.netsa.cert.org/silk/ Steve Crow-----Original Message-----From: Jefferson, Shawn [ mailto:Shawn.Jefferson () bcferries ... [Published Seclists.org - Snort - May 23 2014]

More Content

All (4) | News (0) | Reports (0) | Blogs (4) | Audio/Video (0) | Fact Sheets (0) | Press Releases (0)
sort by: Date | Relevance
Re: Performance Monitor [Published Seclists.org - Snort - Jun 06 2014]
Re: Performance Monitor [Published Seclists.org - Snort - Jun 05 2014]
Re: How to threshold ALL sigs [Published Seclists.org - Snort - May 28 2014]
Re: Tagging [Published Seclists.org - Snort - May 23 2014]
1
In Focus
Content Volume
Document Volume
Network
Network

Blogs

sort by: Date | Relevance
Re: Performance Monitor [Published Seclists.org - Snort - Jun 06 2014]
Posted by Budinich Galvez, Luis Alberto on Jun 06 Shawn, that's what I'm looking for, but don't know how to config in my snort.conf file.Jaime, good to know this but now I'm not able to use SNMP. First, I think I need to tune my configuration.Thanks ...
Re: Performance Monitor [Published Seclists.org - Snort - Jun 05 2014]
Posted by Jefferson, Shawn on Jun 05 And if performance specifically (sorry didn't quite understand), send your snort.stats to different files for eachsnort process? (that's what I do)From: Jefferson, Shawn [ mailto:Shawn.Jefferson () bcferries co ...
Re: How to threshold ALL sigs [Published Seclists.org - Snort - May 28 2014]
Posted by Nicholas Mavis (nmavis) on May 28 Bradley,Snort does have global thresholding. Please refer to Event Filtering inthe following link: http://manual.snort.org/node19.html#SECTION00342000000000000000 Using gen_id 0, sig_id 0 is used to specify ...
Re: Tagging [Published Seclists.org - Snort - May 23 2014]
Posted by Steve Crow on May 23 You might consider SiLk for efficiently collecting lots of the data forlater analysis: https://tools.netsa.cert.org/silk/ Steve Crow-----Original Message-----From: Jefferson, Shawn [ mailto:Shawn.Jefferson () bcferries ...
1
Contact Us
Sales
Support


Freebase CC-BY Some image thumbnails are sourced from Freebase, licensed under CC-BY

Copyright (C) 2014 Silobreaker Ltd. All rights reserved.
The selection and placement of stories and images on any Silobreaker page are determined automatically by a computer program.
The time or date displayed reflects when an article was added to or updated in Silobreaker.