[Snort-users] Basic questions about snort
Jason.Haar at ...294...
Sun Apr 15 23:39:25 EDT 2001
> ACIS is for snort only right now as far as I know. I don't do too much with
> regards to Cisco logs, except log em to the syslog server. I haven't been
> able to find any good tools that will assist the analyst with multiple
> syslog formats (i.e. portsentry, Linux, cisco, snort, etc...). That would
> be a good project....
Ahem - check out logsnorter. Currently handles interpreting Cisco and
ipfw/ipchains syslog messages and injects them into the backend Snort SQL
databases. Written in Perl.
Unix/Special Projects, Trimble NZ
Phone: +64 3 9635 377 Fax: +64 3 9635 417