kpriv/freebsd-ports
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
freebsd-ports/security/sguil/files/pkg-message-sensor.in
John Marino 389083ef74 Add new port security/sguil (version 0.9.0) 
This port replaces security/sguil-client, security/sguild-server and
security/sguil-sensor which are at version 0.8.0.  They will be removed
shortly as a result.

PR:		191347
Submitted by:	Muhammad Rahman

Sguil (pronounced sgweel) is built by network security analysts for network
security analysts. Sguil's main component is an intuitive GUI that provides
access to realtime events, session data, and raw packet captures. Sguil
facilitates the practice of Network Security Monitoring and event driven
analysis. The Sguil client is written in tcl/tk and can be run on any operating
system that supports tcl/tk (including Linux, *BSD, Solaris, MacOS, and Win32).
2014-08-16 18:38:25 +00:00

31 lines
1.4 KiB
Text
Raw Blame History

***********************************
* !!!!!!!!!!! WARNING !!!!!!!!!!! *
***********************************
If you already had barnyard2 installed, this port will NOT deinstall
it and install the barnyard2-sguil port instead. You will need to
deinstall the barnyard2 port and install the barnyard2-sguil port yourself
instead. This port WILL NOT WORK without the barnyard2-sguil port!!
See the %%DOCSDIR%%/INSTALL doc for details on the
configuration and for croning the script.
WARNING!!! Sguil et al will fill up your /tmp directory very
quickly. You should probably configure sguil et al to log to
another partition/location (e.g. /nsm/tmp/).
You must ALSO edit all of the sensor conf files (located in
%%PREFIX%%/%%SENSOR_SGUILDIR%%/etc/) to reflect your configuration before
starting the sensor_agents.
A number of ancilliary things have been installed in
%%PREFIX%%/share/%%SENSOR_SGUILDIR%%.
If you chose to run sancp, and you already had a sancp.conf file in
%%PREFIX%%/etc, copy it to sancp.conf.orig before creating the new one.
The new sancp.conf-sample file contains the settings for squil. NOTE:
the conf file is for sancp 1.5.3. It may need additional edits to work
with the current ports version of sancp. If you still want to maintain
the customized sancp.conf file, then copy the new sancp.conf-sample
file to sguild-sancp.conf (for example) and add
sancp_conf=%%PREFIX%%/etc/sguild-sancp.conf to /etc/rc.conf.
Reference in a new issue View git blame Copy permalink