Skip to content

Snorby E Book

Jump to bottom Edit New page
jbc22 edited this page Jun 26, 2012 · 27 revisions

Table of Contents

Pre-Install Considerations

The What and Why of Snorby
Snort vs Suricata vs Sagan
Pre-Installation Design (e.g.: Sizing Deployments)
Picking a Database (Mysql vs Postgres)

Installing Snorby

Installation
Enabling Full Packet Capture (OpenFPC) (in progress)

Installing an IDS

Installing a Database Server
Installing Barnyard2
Installing Snort
Installing Suricata (in progress)
Installing Sagan

Configuring After Install

Adding/Removing Users
Changing Passwords
Email Settings
Deploying with Apache (in progress)
Deploying with Nginx (in progress)
Adding Sensors
Snort Rule Updates (in progress)
Rule Lookups
Increasing Snorby Performance (in progress)

Updating

Updating Snorby

Additional Material

Migrating from BASE (in progress)

Troubleshooting

Alerts Not Showing
Snorby Worker
Manually Run Reports
Database Commands
Community Support (Contact Us)

Sys Admin/Developer Info

Database Schema

Add a custom footer
Add a custom sidebar
Clone this wiki locally