[Snort-users] Best real-time alerting tool

Tom Sevy tsevy at ...1701...
Wed Jun 5 08:27:02 EDT 2002


Agreed.  If you have a Win32 (NT/2K) box, Kiwi (registered version) will
install as a service.  This is how I filter out certain messages for
forwarding to my pager.  I also then log the events to a SQL db so I can
query them....

-----Original Message-----
From: Don [mailto:Don at ...5881...]
Sent: Tuesday, June 04, 2002 9:30 PM
To: Sheahan, Paul (PCLN-NW); Snort List (E-mail)
Subject: RE: [Snort-users] Best real-time alerting tool


I use Kiwi Syslog; it does most of what you mention, and can forward to a
database or another syslog as well.

Don


-----Original Message-----
From: snort-users-admin at lists.sourceforge.net
[mailto:snort-users-admin at lists.sourceforge.net]On Behalf Of Sheahan,
Paul (PCLN-NW)
Sent: Tuesday, June 04, 2002 5:02 PM
To: Snort List (E-mail)
Subject: [Snort-users] Best real-time alerting tool



I'm starting research for the best real time alerting tool for Snort and
want to get feedback from everyone. I'm looking for the following features,
can anyone recommend a product or products? I need these features:

*	Real time window where I can watch alerts as they occur
*	Real time alerting option via email and/or pager for alerts I choose
*	Best tool for correlation and historical analysis of data across
multiple Snort sensors

Thanks!

Paul Sheahan
Manager of Information Security
Priceline.com
paul.sheahan at ...2218...



_______________________________________________________________

Don't miss the 2002 Sprint PCS Application Developer's Conference
August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm

_______________________________________________
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

