CentOS with RVM by Elliott Cutright - Snorby/snorby GitHub Wiki

Quick Notes: Snorby2 Install CentOS

Install Pre-Reqs (you may need more; these worked for my system):
$ yum install libxml2 libxml2-devel libxslt libxslt-devel jasper-devel libtool-ltdl

Install ImageMagick:
$ wget http://centos.karan.org/el5/misc/testing/i386/RPMS/ImageMagick-6.6.0.2-8.el5.kb.1.i386.rpm
$ rpm -i ImageMagick-6.6.0.2-8.el5.kb.1.i386.rpm
$ wget http://centos.karan.org/el5/misc/testing/i386/RPMS/ImageMagick-devel-6.6.0.2-8.el5.kb.1.i386.rpm
$ rpm -i ImageMagick-devel-6.6.0.2-8.el5.kb.1.i386.rpm

Set up a user for Snorby (security reasons):
$ adduser snorby (as root)
$ passwd snorby (as root)

Install Ruby 1.9.2 w/ RVM:
$ bash < <( curl http://rvm.beginrescueend.com/releases/rvm-install-head )
$ rvm install 1.9.2
$ rvm use ruby-1.9.2-p0 --default
Add the following line to the end of ~/.bashrc:
if [[ -s "$HOME/.rvm/scripts/rvm" ]] ; then source "$HOME/.rvm/scripts/rvm" ; fi

Acquire Snorby 2:
$ git clone git://github.com/Snorby/snorby.git
$ cd snorby
$ git pull

Install Bundler:
$ gem install bundler

Install Snorby2 pre-req gems:
$ bundle install

Edit the database config file:
$ vi ./config/database.yml
NOTE: Enclose the password in quotes (ex. password: "Password")

Create directories for Snorby (in the snorby root):
$ mkdir log
$ mkdir tmp

Install/Make Snorby:
$ rake snorby:setup

Edit the Snorby config:
$ vi config/snorby_config.yml

Refresh the Snorby Rails app:
$ rake snorby:refresh

Start Snorby:
$ rails s -e production -p 8080
Browse to http://{IP ADDRESS}:8080 and log in with username '[email protected]' and password 'snorby'.

Notes:
Make sure you modify Snort/barnyard to output to the snorby database.
These instructions do not install the PDF components, so you will not be able to generate PDF reports.
If the password snorby doesn't work, try "password".
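Why the "enclose password in quotes" note in the database config step matters: YAML reads an unquoted all-digit value as a number and treats " #" as the start of a comment, so the value the app receives is not the password that was typed. The check below is an added example, not part of the original notes or of Snorby; the sample config is constructed and the helper names (raw_passwords, audit_passwords) are hypothetical.

```ruby
require "yaml"

# Constructed sample (not Snorby's shipped file); every value is made up.
SAMPLE = <<~YAML
  production:
    adapter: mysql
    username: snorby
    password: 0123456
  staging:
    adapter: mysql
    username: snorby
    password: s3cret #2024
  development:
    adapter: mysql
    username: snorby
    password: "s3cret #2024"
YAML

# Collect the literal text after "password:" for each top-level section.
def raw_passwords(text)
  env = nil
  text.each_line.with_object({}) do |line, raw|
    if (m = line.match(/\A(\w+):/))
      env = m[1]
    elsif (m = line.match(/\A\s+password:\s*(.*?)\s*\z/))
      raw[env] = m[1]
    end
  end
end

# Return { section => problem } where the parsed password is not the string
# that was typed. Messages never echo the secret itself.
def audit_passwords(yaml_text)
  raws = raw_passwords(yaml_text)
  config = YAML.safe_load(yaml_text, aliases: true) || {}
  config.each_with_object({}) do |(env, cfg), problems|
    next unless cfg.is_a?(Hash) && cfg.key?("password")
    pw, raw = cfg["password"], raws[env].to_s
    if !pw.is_a?(String)
      problems[env] = "parsed as #{pw.class}, not a string; quote it"
    elsif !raw.empty? && !raw.match?(/\A(["']).*\1\z/) && raw != pw
      problems[env] = "unquoted value altered by YAML parsing; quote it"
    end
  end
end

if __FILE__ == $PROGRAM_NAME
  audit_passwords(SAMPLE).each { |env, why| puts "#{env}: #{why}" }
end
```

To check a real file, pass its contents: audit_passwords(File.read("config/database.yml")).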