N/APosted on - 11/24/2013
I am using snare to send window log files to the vault. It's getting too slow while sending snare windows monitor log file to the vault. My computer is damn slow during this process . Help me to get rid of this. Waiting for your replays.
Thanks, Matthew D Martinez
Snare Windows monitor log file
The process of sending windows log file to the vault through snare can be very slow if your system memory is low or the file memory is high.
You can do the following steps:
1) Check for running snare plugin, if any.
2) Check /etc/ossim/agent/plugins/snare.cfg and see if system is pointing at /var/log/syslog.
3) Check [HKEY_LOCAL_MACHINE/SOFTWARE/InterSect Alliance/AuditService/Network/Destination].
4) Check logfiles (grep -i mswineventlog /var/log/ossim/*).
Hope this helps