[Snort-users] Basic questions about snort

Jason Haar Jason.Haar at ...294...
Sun Apr 15 23:39:25 EDT 2001

> ACIS is for snort only right now as far as I know.  I don't do too much with
> regards to Cisco logs, except log em to the syslog server.  I haven't been
> able to find any good tools that will assist the analyst with multiple
> syslog formats (i.e. portsentry, Linux, cisco, snort, etc...).  That would
> be a good project....

Ahem - check out logsnorter. Currently handles interpreting Cisco and
ipfw/ipchains syslog messages and injects them into the backend Snort SQL
datbases. Written in perl



