metron-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Otto Fowler <ottobackwa...@gmail.com>
Subject Re: how to using snort as a sensor on metron
Date Sat, 18 Feb 2017 17:50:03 GMT
I don’t have it setup right now, but if you go into var/log on the snort
machine, look for the flume agent logs and make sure there are not errors
there.



On February 18, 2017 at 12:39:48, Youzha (yuza.rasfar@gmail.com) wrote:

no i'm not using vagrant setup. i'm using ansible playbook setup. i'm using
ambari environtment

On Sat, Feb 18, 2017 at 8:53 PM Otto Fowler <ottobackwards@gmail.com> wrote:

> Are you using one of the vagrant setups?   What is your environment?
>
>
> On February 18, 2017 at 04:55:54, Youzha (yuza.rasfar@gmail.com) wrote:
>
>
>
>
>
>
>
>
>
>
>
>
>
> hi. anyone can explained to me how to using snort as
>
> a metron sensor?
>
> i've try this link :
>
>
>
>
>
>
>
>
> https://cwiki.apache.org/confluence/display/METRON/Adding+Dummy+Snort+Data+for+Load+Testing
>
>
>
>
>
>
>
> but i don't see anything work on my snort topology or my
>
> metron UI dashboard. there is no data emitted on my snort
>
> topology.
>
>
>
>
>
> is there any topology that i need to make this work? pls tell
>
> me step by step to using this sensor.
>
>
>
>
>
>
>
>
>
>
>
> ​
>
>
>
>
>
>
>
>
>

Mime
View raw message