|
|
|
Web-Based Sensor Control and Data Analyzer for the Snort IDS |
Not Released Yet |
|
Snort unified2 binary parser, processing and forwarding events to a variety of databases and log daemons/sockets. |
|
|
Software for searching, monitoring, and analyzing machine-generated data for operational intelligence. |
|
|
The open source network intrusion prevention and detection system (IDS/IPS) developed by Sourcefire. |
|
|
Basic Analysis and Security Engine for Snort |
|
|
|
 | Blog
Making service desk relevant within your organization
24 April 2014 - With Knowledge14 kicking off next week, it’s a good time to reminisce on your service desk, the face of your operations to both internal and external customers. For external facing service desks supporting customers, the effectiveness has traditionally been measured on mean time to resolution, fir…
Announcing the Splunk Add-on for Check Point OPSEC LEA 2.1.0
23 April 2014 - Check Point administrators rejoice, Splunk Add-on for OPSEC LEA 2.1.0 has been released! The free update provides useful improvements to almost every aspect of the add-on. User Interface The old OPSEC interface has been completely overhauled and streamlined. The interface is no longer stuck i…
It’s That Time Again!
23 April 2014 - The other day I was asked how Splunk can be configured to index a file where the events have different timestamps. If you index this type of log file, your events end up being merged together because the timestamps are in multiple formats and may end up looking something like this: Here is an exa…
That happened: episode 40
22 April 2014 - This week in “That happened: notes from #splunk”, a blog about the goings-on in the Splunk IRC channel: Ducky drops some wisdom, the #splunk buddy system in action, some things never get old, sharing the Splunk clue: Interested in Splunk performance as it relates to kernel filesystem caching?
Higher Education, Heartbleed, and the Heroes in your IT shop
22 April 2014 - At Splunk we spend a lot of time working with rank-and-file IT folks in higher education who must consistently deliver on two wildly divergent fronts – first, protect against threats foreseeable and unforeseeable (who saw HeartBleed coming?); and second, provide open infrastructure for the creati…
|
 | Blog
Sourcefire VRT Certified Snort Rules Update for 04/24/2014
24 April 2014 - Just released:Sourcefire VRT Certified Snort Rules Update for 04/24/2014We welcome the introduction of the newest rule release from the VRT. In this release we introduced 12 new rules and made modifications to 6 additional rules. There were no changes made to the snort.conf in this release…
OpenAppId Webinar has been scheduled!
24 April 2014 - Announced at RSA, Snort 2.9.7.0 Alpha with the OpenAppID preprocessor, rule keywords and new features: http://blog.snort.org/2014/02/snort-2970-alpha-release-now-available.html have generated an immense amount of interest in the Snort community.If you aren't familiar with OpenAppId, you can che…
Snort 2.9.4.6 is now EOL for rule support.
24 April 2014 - Snort 2.9.4.6 is now EOL for rule support.This means we will no longer be releasing updates for this version of the rule engine. Users of this version are now encouraged to upgrade to the latest version of Snort, which is now Snort 2.9.6.1.Please review our EOL policy here: http://www.snort.org…
Sourcefire VRT Certified Snort Rules Update for 04/24/2014
24 April 2014 - Just released:Sourcefire VRT Certified Snort Rules Update for 04/24/2014We welcome the introduction of the newest rule release from the VRT. In this release we introduced 8 new rules and made modifications to 5 additional rules. There were no changes made to the snort.conf in this release.
Snort 2.9.6.1 is now available!
23 April 2014 - Snort 2.9.6.1 is now available on snort.org, athttp://www.snort.org/snort-downloads/ in the Development section.Snort 2.9.6.1 includes changes for the following:2014-04-22 - Snort 2.9.6.1[*] Improvements* Added a control command to dump all packets matching a BPF to a pcap file for captu…
|
|
