c nerd
Installing Snort 2.9.3.1 on OpenBSD 5.2

<< Snort2pfc nerdSetup >>

9. Swatch

image: dirt

Having abandoned barnyard2, I’m trying a simpler route: swatch. Snort can output to syslog; swatch can monitor syslog for a particular item and send out an alert when it’s found. This forces me to set up an outbound mail server, too. Given the problems with the OS X Mail Server under Mountain Lion (it just doesn’t work), I’ve set up smtpd under OpenBSD. I would set up sendmail, but I don’t properly understand it.

Swatch will require me to tune my snort alerts carefully, of course. But at least, finally, I get to see what snort says—once I know snort, tune it, so I can start to use it properly.

3.2.13

arts and egoo


poems
photos
music

books
keys
site

© d harris


blog

c nerd
tannoy
see nerd)
early

c nerd

2013
2012
index

2013

part 7
part 6
part 5
part 4
part 3
part 2
part 1





this archive is hosted by arts & ego
© 1978–2025 dylan harris   some rights reserved