Support

Support for business applications

Kaspersky XDR Expert

Managing Kaspersky Unified Monitoring and Analysis Platform

Administrator's guide

Configuring event sources

Configuring receipt of Snort events

Kaspersky Next XDR Expert
Online Help
FAQ Forum Contact support Recovery tools

Configuring receipt of Snort events

May 15, 2024

ID 265588

Get as PDF

You can configure the receipt of Snort 3 events in KUMA.

Configuring event receiving consists of the following steps:

  1. Configuring logging of Snort events.
  2. Creating a KUMA collector for receiving Snort events.

    To receive Snort events, in the Collector Installation Wizard, at the Event parsing step, select the [OOTB] Snort 3 json file normalizer, and at the Transport step, select the file connector type.

  3. Installing a KUMA collector for receiving Snort events
  4. Verifying receipt of Snort events in the KUMA collector

    You can verify that the Snort event source server is correctly configured in the Searching for related events section of the KUMA web interface.

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.