Snare. The world standard for effectively gathering and filtering IT-event data for critical security monitoring, analysis, auditing and archiving.
Snare Agent for Linux
Snare for Linux allows event logs from the native Linux audit subsystem to be collected from the operating system, and forwarded to a remote audit event collection facility after appropriate filtering. Snare for Linux is known to work on Red Hat Enterprise 5 and 6, CentOS 5 and 6, Fedora Core 11 to 17, Ubuntu, Debian and SuSE 10 and 11 for both 32-bit and 64-bit systems.
The Snare for Linux agent allows all components of the operating system to be monitored, including user logon activity, file monitoring, process monitoring, kernel, all administrative activity and much more. Like our other agents, it supports custom objectives, which allow the agent to be configured to monitor and collect only the important information from the system and help eliminate the “noise” from the collection process.
Some of the many features of the Snare Enterprise Agent for Linux include:
- Caching of events in case of a network disruption, ensuring that events are not lost
- Confirmed log message delivery with Smart TCP – no lost or missing logs.
- Log to multiple destinations
- Combined with the TCP, this option will allow the agent to cache messages if there is a network failure or the Snare Server is otherwise unavailable.
- Encrypt messages between the agent and the Snare Server.
- Allowing the event log record to be formatted so it is accepted by a SYSLOG server.
- UTC (Coordinated Universal Time) timestamp format for events instead of local machine time zone format.
- Allow security administrators to either locally or remotely monitor changes to the agent’s configuration through a standard web browser.
The Snare for Linux agent is available in two different versions:
Snare Enterprise Agents - The industry standard for capturing and filtering audit and event log data, in a supported package, and with an enterprise-level feature set including guaranteed delivery and encryption. Please visit the Snare contact page for more information.
Snare OpenSource Agents - Include a limited feature set of the Snare Enterprise Agents, and are not recommended for use by organisations that require audit compliance. Intersect Alliance does not provide support for the OpenSource agents; however, the Snare OpenSource Sourceforge Forum may offer assistance.
Snare for Linux is used by many large Financial, Insurance, Healthcare, Defence, Aerospace, and Intelligence organisations to meet elements of local and federal security requirements, such as: Australian Government Information Security Manual (ISM), GLBA (Gramm-Leach-Bliley Act), Sarbanes Oxley (SOX), C2 / CAPP, DCID 6/3, DIAM 50-4, DDS-2600-5502-87 Chapter 4, NISPOM Chapter 8, HIPAA, PCI DSS, California Senate Bill 1386/AB 1950, USA Patriot Act, Danish Standard DS-484:2005, ISO 27001/2.
Documentation for Snare for Linux is available from the User Documentation page.
InterSect provides commercial support for Snare Enterprise Agents and the Snare Server. Please visit the Support page for more information.