[Snort-users] Snort DB stats
edwin at ...2758...
Thu Nov 22 02:06:02 EST 2001
On Thu, 22 Nov 2001 04:34:23 -0500 Jason Lewis <jlewis at ...2449...> wrote:
> I am looking to create a script that runs from cron that summarizes info
> from the DB and then emails the report. I thought I would see if anyone is
> doing anything like this already. I know ACID does some of this, but I need
> it to be automated. I can get email anywhere.
> For ex.
> Top 10 IP's in the DB
> Top 10 Attacks in the DB
> Top 10 Attacks in the last hour
> That kind of stuff. I would really like some kind of intelligent pattern
> matching, but I need to start somewhere to decide what exactly I want. I
> only have a vague idea and I think doing this report would help me figure
> out what would be useful and what is noise.
> Ideas, input, comments, am I crazy?
Well i'm working on a perlscript that generates pages like this with nice
pie graphs and stuff. When it's ready I will post a link.
> Jason Lewis
> It's not secure "Because they told me it was secure".
> The people at the other end of the link know less
> about security than you do. And that's scary.
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> Snort-users list archive:
Edwin Eefting /- \ _/ Business Internet Trends BV
/--- \/ __________________
More information about the Snort-users