[Snort-users] Snort log analyser

Andrew Betson rew at ...1587...
Thu Mar 15 20:13:41 EST 2001


At 14:52 15/03/2001 +0530, Siddhartha Jain wrote:
>  Hi,
>
>  I am running snoret this way :-
>  /usr/local/snort/bin/snort -D -de -C -i hme1 -l
>  /usr/local/snort/log/snort -c /usr/local/snort/conf/snort.conf
>
>  This generates logs in this form :-
>  /usr/local/snort/log/snort/ip-address-of-the-attacker/type-of-attack
>
>  Could someone suggest a log analyser to analyse logs in this format?

Havent personally used any of them bu have a look at
http://www.whitehats.com/ids/

hope this helps


Andrew
\\\\\/////





More information about the Snort-users mailing list