'munin'에 해당되는 글 1건

  1. 2012.09.11 snort 퍼포먼스 모니터링

snort 퍼포먼스 모니터링

snort 2012. 9. 11. 19:21 |

#####스노트 perfmon 옵션실행#####################################

vim /etc/snort/snort.conf

주석제거

preprocessor perfmonitor: time 30 file /var/snort/snort.stats pktcnt 10000

디렉터리 생성

mkdir /var/snort/

스노트 재시작

###################################################################


#####munin설치 & 설정######################################################

rpm -Uvh http://dl.fedoraproject.org/pub/epel/5/i386/epel-release-5-4.noarch.rpm

yum -y install munin

yum -y install munin-node


vim /etc/munin/munin-node.conf

내용수정

  st_name snort;snort01          <-- 이름을 지정

  allow ^AAA\.AAA\.AAA\.AAA$  <-- 모니터링용 서버의 IP주소(AAA.AAA.AAA.AAA)


vim /etc/munin/munin.conf

내용추가

  [snort;snort01]

   address BBB.BBB.BBB.BBB   <-- 감시할 서버의 IP주소

    use_node_name yes


#########snort 관련 플러그인 등록 ###################################

ln -s /usr/share/munin/plugins/snort_* /etc/munin/plugins/


서비스 재시작

service httpd restart

service munin-node restart




'snort' 카테고리의 다른 글

Managing Snort Alerts  (0) 2013.01.11
Snort On Multiple NICs  (0) 2012.11.09
snort-sms연동(bash)  (0) 2012.04.19
snort 룰설정  (0) 2012.03.21
sguil 관련  (0) 2012.02.16
Posted by applicationlayer
: