Snort IDS

Version : Snort 2.9 and later.

Snort IDS is an open-source intrusion detection system that analyze network traffics in real-time and provides data packet logging. It detects potentially malicious activities by employing a rule-based language that integrates anomaly, protocol, and signature inspection methods.

Netsurion's Open XDR platform monitors Snort events retrieved via syslog. Dashboard, category, alerts, and reports in Netsurion's Open XDR platform will benefit you in tracking possible attacks, suspicious activities, or any other threat based on rules defined in the Snort configuration file.

Netsurion Data Source Integrations for Snort IDS allows you to monitor the following components:

  • Security – Alerts and Reports for all security-related events.

Once Snort IDS auditing is enabled and Snort IDS logs are received in Netsurion, configure alerts and reports.

Alerts

Type Name Description
Security Snort IDS - Critical threat detected This alert is generated for priority one (Priority 1) based logs.
Security Snort IDS - Potential attacks detected This alert is generated for priority two (Priority 2) based logs.

Reports

Type Name Description
Security Snort IDS - Activity Overview This report provides information about all the activities that take place in Snort IDS.

Documentation

The configuration details are consistent with Netsurion version 9.2 or later, and Snort 2.9 and later.

Download Integration Guide and How-to Guide for more information and to configuration instructions.

This site uses cookies to store information on your computer. Some are essential to make our site work; others help us improve the user experience. By using the site, you consent to the placement of these cookies. Read our Privacy Statement to learn more.

I Accept