Perform full packet capture using daemonlogger instead of snort #133

Closed
GoogleCodeExporter opened this issue Mar 24, 2015 · 1 comment

@GoogleCodeExporter GoogleCodeExporter commented Mar 24, 2015

Source code indicates that daemonlogger default snaplen is 65535

Need to modify the following in /usr/local/sbin/:
nsm_sensor_ps-start
nsm_sensor_ps-restart
nsm_sensor_ps-stop
nsm_sensor_ps-status

Need to modify /etc/cron.d/sensor-newday

Build new securityonion-nsmnow-admin-scripts DEB

Upgrade script will need to:
nsm_sensor_ps-stop --only-snort-logging
install new DEB
nsm_sensor_ps-start --only-daemonlogger

Original issue reported on code.google.com by doug.bu...@gmail.com on 19 Oct 2011 at 6:55


@GoogleCodeExporter GoogleCodeExporter commented Mar 24, 2015

Published:
http://securityonion.blogspot.com/2011/10/security-onion-20111020-now-available.html

Original comment by doug.bu...@gmail.com on 22 Oct 2011 at 8:20

  • Changed state: Verified
  • Added labels: ****
  • Removed labels: ****