[Snort-users] realtime reporting tool

Matt Kettler mkettler at ...4108...
Thu Mar 28 10:23:10 EST 2002


Could you be a bit more specific about what you need, and why acid, 
snortsnarf and demarc are not suited? Based on your question it's pretty 
hard to come up with an idea of what you really need.

If you need some kind of realtime "send me an email if this alert goes 
off", I'd suggest getting a log watcher, as per the snort FAQ:

5.7 --faq-- --snort-- --faq-- --snort-- --faq-- --snort-- --faq--

Q: How do I get snort to e-mail me alerts?
A: Log to syslog and use swatch or logcheck.


If you go to freshmeat.net I'm sure you can look up swatch and logcheck 
there and get links to the project homepage/downloads.

If you're looking for something that parses snort log output into pretty 
web page reports and those three aren't acceptable I believe you're out of 
luck, but you're always welcome to write your own.



At 08:40 AM 3/28/2002 -0600, Ronneil Camara wrote:
>hi guys,
>
>I need some opensource realtime reporting tool other than acid, snortsnarf 
>or demarc.
>I went to snort.org and the downloads page has changed.
>
>Please suggest what I can use and where to download.
>
>Thank you very much in advance.
>
>Neil
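
The log-watcher approach from the FAQ answer quoted above, as an added Python sketch; it is not part of the original thread and is not code from swatch, logcheck or Snort. The syslog line shape, the sample lines, the recipient address, the priority cut-off, the five-minute throttle and the year are all assumptions made for the illustration.

```python
import re
from datetime import datetime, timedelta
from email.message import EmailMessage

# Assumed line shape, modelled on Snort's syslog alert output.
ALERT_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ [\d:]{8}) (?P<host>\S+) snort(?:\[\d+\])?: "
    r"\[(?P<sig>\d+:\d+:\d+)\] (?P<msg>.*?) "
    r"(?:\[Classification: (?P<cls>[^\]]*)\] )?\[Priority: (?P<prio>\d+)\]:? "
    r"\{(?P<proto>\w+)\} (?P<src>\S+) -> (?P<dst>\S+)")

# Constructed sample log (documentation address ranges), not real traffic.
SAMPLE = [
    "Mar 28 10:21:55 ids1 snort: [1:1002:2] WEB-IIS cmd.exe access [Classification: Web Application Attack] [Priority: 1]: {TCP} 192.0.2.10:3345 -> 198.51.100.5:80",
    "Mar 28 10:22:10 ids1 snort: [1:1002:2] WEB-IIS cmd.exe access [Classification: Web Application Attack] [Priority: 1]: {TCP} 192.0.2.10:3346 -> 198.51.100.5:80",
    "Mar 28 10:22:30 ids1 snort: [1:384:4] ICMP PING [Classification: Misc activity] [Priority: 3]: {ICMP} 192.0.2.77 -> 198.51.100.5",
    "Mar 28 10:23:01 ids1 sshd[412]: Accepted password for neil from 192.0.2.50 port 1022",
    "Mar 28 10:27:30 ids1 snort: [1:1002:2] WEB-IIS cmd.exe access [Classification: Web Application Attack] [Priority: 1]: {TCP} 192.0.2.10:3400 -> 198.51.100.5:80",
]

class AlertWatcher:
    """Build one mail per (signature, source IP) per window for severe alerts."""

    def __init__(self, rcpt, max_priority=2, window=timedelta(minutes=5), year=2002):
        self.rcpt, self.max_priority = rcpt, max_priority
        self.window, self.year = window, year   # syslog timestamps carry no year
        self.last_sent = {}                     # (sig, src ip) -> time of last mail

    def feed(self, line):
        """Return an EmailMessage for this log line, or None if nothing is due."""
        m = ALERT_RE.match(line)
        if not m or int(m["prio"]) > self.max_priority:
            return None                         # not a Snort alert, or too minor
        when = datetime.strptime(f"{self.year} {m['ts']}", "%Y %b %d %H:%M:%S")
        key = (m["sig"], m["src"].rsplit(":", 1)[0])   # drop the source port
        last = self.last_sent.get(key)
        if last is not None and when - last < self.window:
            return None                         # throttled: a noisy rule must not flood the inbox
        self.last_sent[key] = when
        mail = EmailMessage()
        mail["To"] = self.rcpt
        mail["Subject"] = f"[snort {m['host']}] P{m['prio']} {m['msg']}"
        mail.set_content(line)
        return mail   # deliver with smtplib.SMTP(...).send_message(mail)

if __name__ == "__main__":
    watcher = AlertWatcher("soc@example.org")
    for entry in SAMPLE:
        mail = watcher.feed(entry)
        print("MAIL" if mail else "skip", "|", entry[:60])
```

Over the constructed sample, the first and last lines produce a mail; the repeat 15 seconds later, the priority 3 ping and the sshd line are skipped.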