Posted by: dragorn
Subject: Emit unified2 alerts
Date: 14:58:19 07/08/2013

> The problem that I have is that if Kismet creates alerts, they go to the file Kismet-*.alert, this file increases in size, and the only solution that I found is to stop/rotate/start Kismet.
> I love difficult things, so I will spend more time trying to find a more elegant solution. Is anybody using Kismet as an IDS, or is it preferable to use Snort / Suricata or any of its friends?

Don't use log files for live data, pretty much ever.

If you want to stream live alert data out, look at the syslog plugin or the example client code in the ruby/ directory; you can make a bridge from anything Kismet tracks to any service you can talk to with a scripting language, in probably 20 lines of code.

You don't have to use Ruby, either; it's just there as an example.
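A sketch of the kind of bridge the post describes, in Python, forwarding live alerts to syslog instead of tailing the .alert file. This is an added example, not code from the post or from Kismet's ruby/ directory. It assumes the legacy Kismet client protocol on local TCP port 2501, the `!<id> ENABLE` command, the ALERT field names listed in `FIELDS`, and `\x01` wrapping of fields that contain spaces.

```python
import socket

# Assumption: ALERT sentence field names of the legacy Kismet client protocol.
FIELDS = ["sec", "usec", "header", "bssid", "source", "dest", "other", "channel", "text"]
ENABLE_CMD = "!1 ENABLE ALERT " + ",".join(FIELDS) + "\n"
# Constructed sample line (not captured from a real server).
SAMPLE = ("*ALERT: 1373295499 120034 DEAUTHFLOOD 00:11:22:33:44:55 00:11:22:33:44:55 "
          "FF:FF:FF:FF:FF:FF 00:00:00:00:00:00 6 \x01Deauth flood on 00:11:22:33:44:55\x01\n")


def parse_alert(line):
    """Return a dict for one '*ALERT: ' line, or None for any other sentence."""
    if not line.startswith("*ALERT: "):
        return None
    body, values, i = line[len("*ALERT: "):].rstrip("\r\n"), [], 0
    while i < len(body):
        if body[i] == " ":
            i += 1
            continue
        # A field wrapped in \x01 may contain spaces; bare fields end at a space.
        wrapped = body[i] == "\x01"
        start = i + 1 if wrapped else i
        end = body.find("\x01" if wrapped else " ", start)
        end = len(body) if end == -1 else end
        values.append(body[start:end])
        i = end + 1
    if len(values) != len(FIELDS):
        return None  # truncated or malformed line: drop rather than guess
    return dict(zip(FIELDS, values))


def to_message(alert):
    """One log line per alert; non-printable characters become '?' so that
    attacker-influenced frame data (SSIDs etc.) cannot forge extra log lines."""
    clean = {k: "".join(c if c.isprintable() else "?" for c in v) for k, v in alert.items()}
    return "kismet alert={header} bssid={bssid} src={source} dst={dest} ch={channel} msg={text}".format(**clean)


if __name__ == "__main__":
    import syslog  # Unix-only standard library module
    # Assumption: Kismet server listening on its default local port 2501.
    with socket.create_connection(("127.0.0.1", 2501)) as sock:
        sock.sendall(ENABLE_CMD.encode("ascii"))
        for raw in sock.makefile("r", encoding="latin-1", newline="\n"):
            alert = parse_alert(raw)
            if alert:
                syslog.syslog(syslog.LOG_WARNING, to_message(alert))
```

Because the alerts go to syslog as they arrive, rotation and retention are handled by the syslog daemon and Kismet never has to be stopped to rotate a file.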

