Manualshelf

Specifications

ManualsBrandsRed Hat ManualsComputer equipmentNETWORK PROXY SERVER 4.1.0 -
11121314151617181920
Guide to Snare for Linux
4.4 Display of Latest Events / Destination Status
A small rotating cache of audit events is kept by the Snare for Linux web server. Clicking on the
Latest Events menu item will display twenty of the most recent events as displayed in Figure 7.
Figure 7: Display the latest events
Additionally this page shows the status for each Destination that was configured for logging. An
example of this destination status is:
10.1.1.30:6161 (TCP), status: CONNECTED
This information can be used to help debug potential logging issues. The status can be explained as
follows:
Host/Port: e.g.: 10.1.1.30:6161
The host ip/name and port that logs will be sent too.
Log destination Type: e.g.: TCP
The protocol of the remote connection. Possible values are TCP, UDP, SSL or File
The current State of the connection: e.g.: CONNECTED
This field indicates what snare is currently doing with the connection. You will see many
different states including:
© InterSect Alliance, September 2014 Page 20 of 30 Version 4.1