[Snort-users] Session statistics
erek at ...950...
Thu Aug 21 17:35:22 EDT 2003
On Thu, 21 Aug 2003, John Creegan wrote:
> I've searched the mail list archives and the snort website looking for
> the tool I need, and have not yet found it. Before I go off and create
> this tool, I'd like to know if there already is a tool which can take
> advantage of the session.log data to tell me:
> 1. Who the top talkers are
> 2. Where the hotspots on the network are.
> If not, I'm thinking about creating a table in the snort database and
> then writing a bit of Perl to populate the table with the session stats.
> I might then either write some php pages to add into ACID or write
> stored procedures or even more Perl to do a bit of analysis.
> Ultimately, I'd rather add the capability to ACID.
> Anyone know of a way I can do this with existing tools?
Sniffer Pro 
Sniffer Pro is exactly what you want, it's just not cheap. MRTG and
RRDTool would have to be massaged a bit to make them work like you want.
Ntop might be the closest thing...
"When things get weird, the weird turn pro." H.S. Thompson
More information about the Snort-users