|
|
|
Web-Based Sensor Control and Data Analyzer for the Snort IDS |
Not Released Yet |
|
Snort unified2 binary parser, processing and forwarding events to a variety of databases and log daemons/sockets. |
|
|
Software for searching, monitoring, and analyzing machine-generated data for operational intelligence. |
|
|
The open source network intrusion prevention and detection system (IDS/IPS) developed by Sourcefire. |
|
|
Basic Analysis and Security Engine for Snort |
|
|
|
 | Blog
Splunk EMEA end of year report: machine data goes mainstream
11 December 2013 - As we approach the end of the year, it seems like a good time to reflect on the last few weeks of travelling around Europe presenting at a number of events. It has been good to be out on the road across EMEA and it has been a smorgasbord of events, demonstrations, confessions relating to late 80s po…
Logging DMVs from Microsoft SQL Server with PowerShell
9 December 2013 - Some systems are easy to monitor and diagnose – just Splunk the log file or performance counter and you are pretty much done. Others take a little more work. Take, for example, Microsoft SQL Server. Many of the best bits of management information are stored in Dynamic Management Views, or D…
Monitor Processes Per User on Microsoft Remote Desktop Services Session Host
9 December 2013 - Microsoft Windows Remote Desktop Session Host (formerly Terminal Services) hosts multiple users on the same Windows Server Operating System. Therefore, all these users are sharing the same resources available to the OS. A lot of administrators want to know which processes belong to which user an…
Hunk Preprocessors: How to DIY
6 December 2013 - In the previous blog post on image searching with Splunk, I showed you how you can preprocess data with Hunk to get the ability to Splunk any data. This blog post is all about how to do it your self. Code! Before we start, here are links to the code for the image preprocessor demo: github.com/splunk…
Comparing week-over-week results
4 December 2013 - Comparing week-over-week results is a pain in Splunk. You have to do absurd math with crazy date calculations for even the simplest comparison of a single week to another week. No more. I wrote a convenient search command called timewrap that does it all, for arbitrary time periods, over *multiple*…
|
 | Blog
Sourcefire VRT Certified Snort Rules Update for 12/10/2013, MSTues
10 December 2013 - Just released:Sourcefire VRT Certified Snort Rules Update for 12/10/2013We welcome the introduction of the newest rule release from the VRT. In this release we introduced 37 new rules and made modifications to 25 additional rules. There were no changes made to the snort.conf in this releas…
Sourcefire VRT Certified Snort Rules Update for 12/05/2013
5 December 2013 - Just released:Sourcefire VRT Certified Snort Rules Update for 12/05/2013We welcome the introduction of the newest rule release from the VRT. In this release we introduced 8 new rules and made modifications to 38 additional rules. There was one change made to the snort.conf in this release:…
Sourcefire VRT Certified Snort Rules Update for 12/02/2013
2 December 2013 - Just released:Sourcefire VRT Certified Snort Rules Update for 12/02/2013We welcome the introduction of the newest rule release from the VRT. In this release we introduced 39 new rules and made modifications to 46 additional rules. There were no changes made to the snort.conf in this releas…
Sourcefire VRT Certified Snort Rules Update for 11/26/2013
26 November 2013 - Just released:Sourcefire VRT Certified Snort Rules Update for 11/26/2013We welcome the introduction of the newest rule release from the VRT. In this release we introduced 19 new rules and made modifications to 52 additional rules. There were two changes made to the snort.conf in this relea…
Sourcefire VRT Certified Snort Rules Update for 11/22/2013
22 November 2013 - Just released:Sourcefire VRT Certified Snort Rules Update for 11/22/2013We welcome the introduction of the newest rule release from the VRT. In this release we introduced 170 new rules and made modifications to 22 additional rules. There were no changes made to the snort.conf in this relea…
|
|
