Friday, March 07, 2008

Sguil RPMS and YUM Repository

In an effort to improve the install process for Sguil, I've created and maintain a Sguil YUM repository for RHEL/CentOS 4/5 systems at:

http://synfulpacket.net/sguil (Sguil version 0.6.1)

or

http://synfulpacket.net/sguilcvs (Sguil version 0.7.0)

From the readme:

This is a *beta* Sguil 0.7.0 repo, so use at your own risk. It's intended to
work on CentOS 4 and 5.

In order to use this yum repo, you'll need to do the following:

1. Create a yum.conf entry. For CentOS 4+, create /etc/yum.repos.d/synful-sguilcvs.repo
with the following contents:
------------------ Below this line ------------------------

[sguil]
name=Sguil Repo at synfulpacket.net
baseurl=http://synfulpacket.net/sguilcvs/$releasever
gpgcheck=0

------------------ Above this line ------------------------

$releasever will expand to 5Client on RHEL5 Desktop installs,
I've placed a symlink to allow those installs to work.

2. Add the following line to CentOS - Extras:

exclude=libnet*



Now you should be able to run:

yum -y install sguil-server
yum -y install sguil-sensor
yum -y install sguil-client

and have the neccessary software download and installed.

Please report ANY issues to rfifarek *AT* synfulpacket *DOT* net, as this is completely
maintained by me.

Enjoy.

Richard H. Fifarek
rfifarek *AT* synfulpacket *DOT* net

In order to use the Sguil 0.6.1 repository, replace sguilcvs with sguil.

Thanks!

Labels: , , , , ,