Snorby is a Ruby on Rails web application for network security monitoring that interfaces with current popular intrusion detection systems (Snort, Suricata and Sagan). The fundamental concepts behind Snorby are simplicity, organization and power. The project goal is to create a free, open source and highly competitive application for network monitoring for both private and enterprise use.
Get Snorby from the download section or use the latest edge release via git.
git clone git://github.com/Snorby/snorby.git
Move into the snorby directory
cd snorby
Install Gem Dependencies (make sure you have bundler installed: gem install bundler)
$ bundle install
NOTE: If you get missing gem issues in production use bundle install --path vendor/cache
If your system gems are newer than the versions pinned in Gemfile.lock, run commands through bundle exec, for example: bundle exec rake snorby:setup
If running bundle exec {app} is painful, you can safely install binstubs with bundle install --binstubs
Install wkhtmltopdf
pdfkit --install-wkhtmltopdf # If this fails - visit http://wkhtmltopdf.org/ for more information
Run The Snorby Setup
rake snorby:setup
sed -i 's/\(^.*\)\(Mime::Type.register.*application\/pdf.*$\)/\1if Mime::Type.lookup_by_extension(:pdf) != "application\/pdf"\n\1 \2\n\1end/' vendor/cache/ruby/*.*.*/bundler/gems/ezprint-*/lib/ezprint/railtie.rb
sed -i 's/\(^.*\)\(Mime::Type.register.*application\/pdf.*$\)/\1if Mime::Type.lookup_by_extension(:pdf) != "application\/pdf"\n\1 \2\n\1end/' vendor/cache/ruby/*.*.*/gems/actionpack-*/lib/action_dispatch/http/mime_types.rb
sed -i 's/\(^.*\)\(Mime::Type.register.*application\/pdf.*$\)/\1if Mime::Type.lookup_by_extension(:pdf) != "application\/pdf"\n\1 \2\n\1end/' vendor/cache/ruby/*.*.*/gems/railties-*/guides/source/action_controller_overview.textile
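The three sed commands above wrap each Mime::Type.register ... application/pdf line in an if Mime::Type.lookup_by_extension(:pdf) != "application/pdf" guard, and a second run would nest another guard around the same line. The following is an added example, not part of the Snorby project: it applies the same expression to one file idempotently and keeps a .orig copy so the change to the vendored gem can be reviewed. Assumptions: GNU sed; guard_pdf_mime is a hypothetical helper name and the sample file is constructed.

```bash
#!/usr/bin/env bash
# Added example, not part of Snorby. guard_pdf_mime is a hypothetical helper;
# the sed expression is the one from the README (needs GNU sed for -i and \n).
GUARD='if Mime::Type.lookup_by_extension(:pdf) != "application/pdf"'

guard_pdf_mime() {
  file=$1
  if [ ! -f "$file" ]; then echo missing; return 0; fi
  # The guard line is exactly what the sed inserts, so finding it means the
  # file was patched before; another pass would nest a second "if".
  if grep -qF "$GUARD" "$file"; then echo already; return 0; fi
  if ! grep -q 'Mime::Type.register.*application/pdf' "$file"; then
    echo nomatch; return 0
  fi
  cp -p "$file" "$file.orig"   # pristine copy, for diff and rollback
  sed -i 's/\(^.*\)\(Mime::Type.register.*application\/pdf.*$\)/\1if Mime::Type.lookup_by_extension(:pdf) != "application\/pdf"\n\1 \2\n\1end/' "$file"
  echo patched
}

# Constructed sample standing in for a vendored railtie.rb.
demo_file=$(mktemp)
printf '%s\n' 'module Demo' \
  '  Mime::Type.register "application/pdf", :pdf' 'end' > "$demo_file"
guard_pdf_mime "$demo_file"    # first run rewrites the file
guard_pdf_mime "$demo_file"    # second run detects the guard and leaves it
diff -u "$demo_file.orig" "$demo_file" || true   # review what changed
```

The helper prints one of missing, already, nomatch or patched for each file it is given, so it can be looped over the three vendor/cache paths from the README.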
Edit The Snorby Configuration File
config/snorby_config.yml
Edit The Snorby Mail Configurations
config/initializers/mail_config.rb
Once all options have been configured and Snorby is up and running, make sure that the DailyCache and SensorCache jobs are running.
Default User Credentials
NOTE - If you do not run Snorby with Passenger (http://www.modrails.com), please remember to start Rails in production mode.
rails server -e production
In the root Snorby directory type the following command:
`git pull origin master`
Once the pull has completed successfully, run the Snorby update rake task:
`rake snorby:update`
You can open the rails console at any time and interact with the Snorby environment. Below are a few commands that may be useful:
Open the rails console by typing rails c in the Snorby root directory.
Snorby Worker
Snorby::Worker.stop # Stop The Snorby Worker
Snorby::Worker.start # Start The Snorby Worker
Snorby::Worker.restart # Restart The Snorby Worker
Snorby Cache Jobs
# This will manually run the sensor cache job - pass true or false for verbose output
Snorby::Jobs::SensorCacheJob.new(true).perform
# This will manually run the daily cache job - once again passing true or false for verbose output
Snorby::Jobs::DailyCacheJob.new(true).perform
# Clear All Snorby Cache - You must pass true to this method call for confirmation.
Snorby::Jobs.clear_cache(true)
# If the Snorby worker is running this will start the cache jobs and set the run_at time for the current time.
Snorby::Jobs.run_now!
Please refer to the LICENSE file found in the root of the snorby project.