[Snort-users] swatch alternatives?
bnelson at ...5464...
Wed Apr 23 10:43:26 EDT 2003
I use this program to watch my logs and email me about alerts. One of its really nice features is 'contexts', which allow you to watch
for multi-line patterns in logs and perform different actions based on the contents of the context. So, in your case, if you had several related
Snort alerts that came in at the same time (or close to it), you could send them as one alert, rather than spamming yourself with one notification
From: Chris [mailto:vze2f6h6 at ...3147...]
Sent: Wednesday, April 23, 2003 11:23 AM
To: snort-users at lists.sourceforge.net
Subject: [Snort-users] swatch alternatives?
I have been trying to setup swatch so that my snort alerts can be sent via email but I am running into problems. I can not seem to get some of the needed perl modules installed.
What other alternatives is there that will do this? I tried to find logwatch but it points to a cisco error page.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users