{"id":22747999,"url":"https://github.com/githubfoam/snort3-sandbox","last_synced_at":"2026-01-07T20:50:22.930Z","repository":{"id":59235399,"uuid":"226903480","full_name":"githubfoam/snort3-sandbox","owner":"githubfoam","description":"network security monitoring NIDS HIDS CTI DFIR ","archived":false,"fork":false,"pushed_at":"2019-12-09T16:48:28.000Z","size":29,"stargazers_count":0,"open_issues_count":2,"forks_count":0,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-02-05T07:49:38.791Z","etag":null,"topics":["hids","network-monitoring","nids","snort"],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/githubfoam.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2019-12-09T15:24:45.000Z","updated_at":"2020-06-25T17:27:50.000Z","dependencies_parsed_at":"2022-09-15T01:00:22.221Z","dependency_job_id":null,"html_url":"https://github.com/githubfoam/snort3-sandbox","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/githubfoam%2Fsnort3-sandbox","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/githubfoam%2Fsnort3-sandbox/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/githubfoam%2Fsnort3-sandbox/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/githubfoam%2Fsnort3-sandbox/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/githubfoam","download_url":"https://codeload.github.com/githubfoam/snort3-sandbox/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246281216,"owners_count":20752207,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["hids","network-monitoring","nids","snort"],"created_at":"2024-12-11T03:18:58.607Z","updated_at":"2026-01-07T20:50:22.896Z","avatar_url":"https://github.com/githubfoam.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# snort3-sandbox\nDebian GNU/Linux 10 (buster)\n~~~~\nvagrant@vg-snort-03:~$ /usr/local/bin/snort -V\n\n   ,,_     -*\u003e Snort++ \u003c*-\n  o\"  )~   Version 3.0.0 (Build 266)\n   ''''    By Martin Roesch \u0026 The Snort Team\n           http://snort.org/contact#team\n           Copyright (C) 2014-2019 Cisco and/or its affiliates. All rights reserved.\n           Copyright (C) 1998-2013 Sourcefire, Inc., et al.\n           Using DAQ version 3.0.0\n           Using LuaJIT version 2.1.0-beta3\n           Using OpenSSL 1.1.1d  10 Sep 2019\n           Using libpcap version 1.8.1\n           Using PCRE version 8.43 2019-02-23\n           Using ZLIB version 1.2.11\n           Using FlatBuffers 1.11.0\n           Using Hyperscan version 5.2.0 2019-12-09\n           Using LZMA version 5.2.4\n\n           test if Hyperscan works, from the build directory\n           hyperscan-5.2.0-build$ ./bin/unit-hyperscan\n           [==========] Running 3746 tests from 33 test cases.\n           [----------] Global test environment set-up.\n           [----------] 9 tests from CustomAllocator\n           [ RUN      ] CustomAllocator.DatabaseInfoBadAlloc\n           [       OK ] CustomAllocator.DatabaseInfoBadAlloc (78 ms)\n           [ RUN      ] CustomAllocator.TwoAlignedCompile\n           [       OK ] CustomAllocator.TwoAlignedCompile (25 ms)\n           [ RUN      ] CustomAllocator.TwoAlignedCompileError\n           [       OK ] CustomAllocator.TwoAlignedCompileError (1 ms)\n           [ RUN      ] CustomAllocator.TwoAlignedDatabaseInfo\n\n~~~~\nubuntu1904\n~~~~\ntest if Hyperscan works, from the build directory\ncd ~/snort_src/hyperscan-5.2.0-build/\n./bin/unit-hyperscan\n\nvagrant@vg-snort-01:~$ /usr/local/bin/snort -V\n\n   ,,_     -*\u003e Snort++ \u003c*-\n  o\"  )~   Version 3.0.0 (Build 266)\n   ''''    By Martin Roesch \u0026 The Snort Team\n           http://snort.org/contact#team\n           Copyright (C) 2014-2019 Cisco and/or its affiliates. All rights reserved.\n           Copyright (C) 1998-2013 Sourcefire, Inc., et al.\n           Using DAQ version 3.0.0\n           Using LuaJIT version 2.1.0-beta3\n           Using OpenSSL 1.1.1b  26 Feb 2019\n           Using libpcap version 1.8.1\n           Using PCRE version 8.43 2019-02-23\n           Using ZLIB version 1.2.11\n           Using FlatBuffers 1.11.0\n           Using Hyperscan version 5.2.0 2019-12-08\n           Using LZMA version 5.2.4\n\nSnort 3 on Ubuntu 18 \u0026 19\n\u003chttps://www.snort.org/documents\u003e\nBUILD SNORT\n\u003chttps://github.com/snort3/snort3\u003e\n~~~~\nCentOS80\n~~~~\n\nshell: ./configure_cmake.sh --prefix=/usr/local/snort \u003e\u003e /tmp/snort3_configure.out\n\n[ 98%] Documents: building commands.txt with\n[ 98%] Documents: building counts.txt with\n/tmp/snort3/snort3/build/src/snort: error while loading shared libraries: libdaq.so.3: cannot open shared object file: No such file or directory\nmake[2]: *** [doc/CMakeFiles/all_built_sources.dir/build.make:80: doc/commands.txt] Error 127\nmake[2]: *** Deleting file 'doc/commands.txt'\nmake[2]: *** Waiting for unfinished jobs....\n/tmp/snort3/snort3/build/src/snort: error while loading shared libraries: libdaq.so.3: cannot open shared object file: No such file or directory\nmake[1]: *** [CMakeFiles/Makefile2:6183: doc/CMakeFiles/all_built_sources.dir/all] Error 2\nmake: *** [Makefile:152: all] Error 2\n\nshell: ./configure_cmake.sh --prefix=/usr/local/snort --enable-tcmalloc  \u003e\u003e /tmp/snort3_configure.out\n\n[ 98%] Documents: building commands.txt with\n/tmp/snort3/snort3/build/src/snort: error while loading shared libraries: libtcmalloc.so.4: cannot open shared object file: No such file or directory\n/tmp/snort3/snort3/build/src/snort: error while loading shared libraries: libtcmalloc.so.4: cannot open shared object file: No such file or directory\nmake[2]: *** [doc/CMakeFiles/all_built_sources.dir/build.make:80: doc/commands.txt] Error 127\nmake[2]: *** Deleting file 'doc/commands.txt'\nmake[2]: *** Waiting for unfinished jobs....\nmake[1]: *** [CMakeFiles/Makefile2:6183: doc/CMakeFiles/all_built_sources.dir/all] Error 2\nmake: *** [Makefile:152: all] Error 2\n\n\n\n\nInstalling newer versions (\u003e=7.x) of Ragel requires installing colm first. Prior versions, for example version 6.10, do not require installing colm. The steps will proceed with installing colm (0.13.0.7 ) and ragel (7.0.0.12).\n\nThere are two methods to make hyperscan aware of the Boost headers:\n1) Symlink, or\n2) PassingBOOST_ROOTpointing to the root directory of the Boost headers to cmake.\n\nSnort 3 on CentOS8\n\u003chttps://www.snort.org/documents\u003e\nBUILD SNORT\n\u003chttps://github.com/snort3/snort3\u003e\n~~~~\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgithubfoam%2Fsnort3-sandbox","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgithubfoam%2Fsnort3-sandbox","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgithubfoam%2Fsnort3-sandbox/lists"}