Home page logo
/

snort logo Snort mailing list archives

Re: Pigsty - A Barnyard2 Replacement by Threat Stack
From: Dustin Webber <dustin.webber () gmail com>
Date: Mon, 3 Jun 2013 19:22:33 -0400

No, they can read from the same files without conflict.

*Dustin Willis Webber*


On Mon, Jun 3, 2013 at 6:56 PM, Jeremy Hoel <jthoel () gmail com> wrote:

And just to clarify a bit.. if someone did want to run BY2 and pigsty,
the snort would need to output two unified2 files, so each could
process their own without interfering with each other?





On Mon, Jun 3, 2013 at 10:31 PM, Dustin Webber <dustin.webber () gmail com>
wrote:
James,

Good question - we are currently working on a Sguil plugin. You will just
need to replace barnyard 2. We will also be releasing static versions of
pigsty so you don't have to install nodesjs or any dependencies for that
matter. We will not make this the standard for Snorby until all plugins
are
completed. We open sourced it early to get people interested in writing
plugins for it and porting over the output methods people are interested
in.

I'll post here again when the move to Pigsty and all output plugins are
100%
completed.

Dustin

Dustin Willis Webber


On Mon, Jun 3, 2013 at 6:19 PM, James Lay <jlay () slave-tothe-box net>
wrote:

On 2013-06-03 14:59, Dustin Webber wrote:
Hey guys,

We wrote a Barnyard2 replacement we wanted to open source.    Its
designed to be very extensible with a very simple plugin
architecture based around Node.jss package management.  Please
check it out here: https://github.com/threatstack/pigsty [1].

Its currently in beta but wed love contributions and help test and
write plugins.

Here is an example application we wrote using the mysql and web
socket
output plugins. http://snorby.org:3009/ [2]

Its important to note that we will be moving Snorby to this spooler
in
the future and will no longer support barnyard/2. We plan to open
source a few parts of our Threat Stack Incident Response System and
unfortunately making barnyard/2 work with our communication protocols
and backend is not possible.

Either way great things coming to the Snorby project and Im excited
to
see what the community builds with Pigsty.

Happy NSM hacking!

 DUSTIN WILLIS WEBBER

CEO and Co-Founder at Threat Stack, Inc


"Its important to note that we will be moving Snorby to this spooler in
the future and will no longer support barnyard/2."

So say if someone was running sguil in tandem with Snorby....they're
going to have to run by2 AND this?

James



------------------------------------------------------------------------------
How ServiceNow helps IT people transform IT departments:
1. A cloud service to automate IT design, transition and operations
2. Dashboards that offer high-level views of enterprise services
3. A single system of record for all IT processes
http://p.sf.net/sfu/servicenow-d2d-j
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest
Snort
news!




------------------------------------------------------------------------------
How ServiceNow helps IT people transform IT departments:
1. A cloud service to automate IT design, transition and operations
2. Dashboards that offer high-level views of enterprise services
3. A single system of record for all IT processes
http://p.sf.net/sfu/servicenow-d2d-j
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest
Snort
news!

------------------------------------------------------------------------------
How ServiceNow helps IT people transform IT departments:
1. A cloud service to automate IT design, transition and operations
2. Dashboards that offer high-level views of enterprise services
3. A single system of record for all IT processes
http://p.sf.net/sfu/servicenow-d2d-j
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]