Security-Onion-Solutions / security-onion

Security Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management
https://securityonion.net

How can I install Snorby on Security Onion 14.04? #1015

Closed f0rb1dd3n closed 7 years ago

f0rb1dd3n commented 7 years ago

I am more acquainted with the Snorby interface and its reports. So I wanna know how I can install Snorby on the new version of Security Onion.

dougburks commented 7 years ago

Hi @f0rb1dd3n,

Snorby is no longer maintained by its original developer and that's why it was removed from Security Onion when we moved to 14.04. Looking at the commits in 2016, Snorby has seen very little maintenance, so we recommend against installing it as doing so may introduce additional security risks.

Please feel free to email our mailing list about the data that you're looking for. Perhaps we can suggest alternative ways of reporting on that data using tools already built into Security Onion 14.04, such as Squert or ELSA. ELSA is advantageous in that, in addition to IDS alerts, it can also report on Bro logs, syslog, etc.

Thanks!