[Snort-users] Snort DB stats

Edwin Eefting edwin at ...2758...
Thu Nov 22 02:06:02 EST 2001


On Thu, 22 Nov 2001 04:34:23 -0500 Jason Lewis <jlewis at ...2449...> wrote:

> I am looking to create a script that runs from cron that summarizes info
> from the DB and then emails the report.  I thought I would see if anyone is
> doing anything like this already.  I know ACID does some of this, but I need
> it to be automated.  I can get email anywhere.
> 
> For ex.
> 
> Top 10 IP's in the DB
> Top 10 Attacks in the DB
> Top 10 Attacks in the last hour
> 
> That kind of stuff.  I would really like some kind of intelligent pattern
> matching, but I need to start somewhere to decide what exactly I want.  I
> only have a vague idea and I think doing this report would help me figure
> out what would be useful and what is noise.
> 
> Ideas, input, comments, am I crazy?

Well, I'm working on a Perl script that generates pages like this with nice
pie graphs and stuff. When it's ready I will post a link.


> 
> Jason Lewis
> http://www.packetnexus.com
> It's not secure "Because they told me it was secure".
> The people at the other end of the link know less
> about security than you do. And that's scary.


--                            __________________
                             /\ ___/          
Edwin Eefting               /- \ _/  Business Internet Trends BV
                           /--- \/           __________________




