Skip to content

tbaror/Snorby

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

397 Commits
app
app
 
 
config
config
 
 
db
db
 
 
doc
doc
 
 
lib
lib
 
 
public
public
 
 
script
script
 
 
test
test
 
 
tmp
tmp
 
 
vendor
vendor
 
 
.gitignore
.gitignore
 
 
README.rdoc
README.rdoc
 
 
Rakefile
Rakefile
 
 

Repository files navigation

Snorby - All about simplicity.

Snorby is a new and modern Snort IDS front-end. The basic fundamental concepts behind snorby are simplicity and power. The project goal is to create a free, open source and highly competitive application for network monitoring for both private and enterprise use. Snorby is currently stable and ready for production environments.

Snorby Setup

Get Snorby:

git clone git://github.com/mephux/Snorby.git

Snorby Database Configuration:

You will need to edit and rename /config/database.yml.example to /config/database.yml Example Database Config: (spacing is important to .yml files and it will error if changed) 

production:
  adapter: mysql
  database: name_of_snort_database_here
  username: my_user
  password: my_password
  host: localhost

Snorby Email Configuration:

You will need to edit and rename /config/email.yml.example to /config/email.yml Example Email Config: (spacing is important in .yml files and it will error if changed)

production:
  :address: smtp.gmail.com
  :port: 25
  :authentication: plain
  :user_name: user
  :password: pass

for a relay setup simply:

production:
  :address: smtp.gmail.com
  :domain: localhost

If this is your first time installing Snorby, setup the snorby database and cron jobs with:

rake snorby:setup RAILS_ENV=production

Update:

rake snorby:update RAILS_ENV=production

Reset:

rake snorby:reset RAILS_ENV=production   # ALL DATA WILL BE LOST

Gems

Snorby is packaged with the needed gems however you may need to install the following in some cases:

sudo gem install mysql
sudo gem install prawn

Setup Snorby With Apache:

wiki.github.com/mephux/Snorby/snorby-recipe-with-barnyard2-unified2-and-apache-jjc

Start Snorby:

ruby script/server -e production -b 127.0.0.1 -p 80 -d

-b = bind address [Default: loopback]
-p = port number [Default: 3000]
-e = environment
-d = Run server as daemon

MAKE SURE IT IS RAN IN PRODUCTION MODE ONLY! SPEED!!! 

-e production

The default User Name and Password for Snorby: 

User: snorby
Password: admin

PLEASE MAKE SURE YOU CHANGE THIS!

TODO

  • Link for dashboard graphs

  • Session view for events

  • Tune events

  • Better XML Support

Helpful links

Before contacting me directly, please read:

If you find a bug or a problem please post it on the snorby issues page. If you need help with something, please use google groups. I check both regularly and get emails when anything happens, so that is the best place to get help. This also benefits other people in the future with the same questions / problems. Thank you.

Copyright © 2009 Dustin Willis Webber [www.Snorby.org], released under the GPL license

About

A modern and clean Snort web front-end.

www.snorby.org

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

1 fork
Report repository

Releases

6 tags

Packages

No packages published