Perform full packet capture using daemonlogger instead of snort #133

Closed
GoogleCodeExporter opened this Issue Mar 24, 2015 · 1 comment

GoogleCodeExporter commented Mar 24, 2015

Source code indicates that daemonlogger default snaplen is 65535

Need to modify the following in /usr/local/sbin/:
nsm_sensor_ps-start
nsm_sensor_ps-restart
nsm_sensor_ps-stop
nsm_sensor_ps-status

Need to modify /etc/cron.d/sensor-newday

Build new securityonion-nsmnow-admin-scripts DEB

Upgrade script will need to:
nsm_sensor_ps-stop --only-snort-logging
install new DEB
nsm_sensor_ps-start --only-daemonlogger

Original issue reported on code.google.com by doug.bu...@gmail.com on 19 Oct 2011 at 6:55
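
A check that could be run after the switch to confirm the resulting capture files really are full packet captures, as an added example that is not part of the original issue or the Security Onion scripts: it reads the snaplen from the classic pcap file header and counts records whose stored length is shorter than the on-the-wire length. The 65535 threshold comes from the issue; the function names and the constructed sample captures are assumptions.

```python
import struct

# Classic pcap magic as it appears on disk -> struct byte-order prefix.
PCAP_MAGICS = {
    b"\xd4\xc3\xb2\xa1": "<", b"\x4d\x3c\xb2\xa1": "<",  # little-endian (usec, nsec)
    b"\xa1\xb2\xc3\xd4": ">", b"\xa1\xb2\x3c\x4d": ">",  # big-endian (usec, nsec)
}

def audit_pcap(data, required_snaplen=65535):
    """Report the file's snaplen and how many records were cut short."""
    if len(data) < 24 or data[:4] not in PCAP_MAGICS:
        raise ValueError("not a classic pcap file")
    end = PCAP_MAGICS[data[:4]]
    # Global header after the magic: version major/minor, thiszone, sigfigs, snaplen, linktype
    _maj, _min, _zone, _sig, snaplen, _link = struct.unpack(end + "HHiIII", data[4:24])
    offset, packets, truncated = 24, 0, 0
    while offset + 16 <= len(data):
        _sec, _frac, incl_len, orig_len = struct.unpack(end + "IIII", data[offset:offset + 16])
        offset += 16 + incl_len
        if offset > len(data):
            break  # final record incomplete, e.g. the file is still being written
        packets += 1
        if incl_len < orig_len:  # fewer bytes stored than were on the wire
            truncated += 1
    full = snaplen >= required_snaplen and truncated == 0
    return {"snaplen": snaplen, "packets": packets, "truncated": truncated, "full_capture": full}

def build_pcap(snaplen, frames):
    """Constructed sample input: an Ethernet pcap whose frames are cut at snaplen."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, snaplen, 1)
    for frame in frames:
        kept = frame[:snaplen]
        out += struct.pack("<IIII", 0, 0, len(kept), len(frame)) + kept
    return out

if __name__ == "__main__":
    frames = [b"\x00" * 1500, b"\x00" * 60]  # constructed frames, not real traffic
    for snaplen in (65535, 96):
        print(snaplen, audit_pcap(build_pcap(snaplen, frames)))
```
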

GoogleCodeExporter Mar 24, 2015

Published:
http://securityonion.blogspot.com/2011/10/security-onion-20111020-now-available.html

Original comment by doug.bu...@gmail.com on 22 Oct 2011 at 8:20

  • Changed state: Verified
  • Added labels: ****
  • Removed labels: ****
