[Snort-users] A tool like swatch

Jim Brown jpb at ...10281...
Sat Nov 8 06:56:59 EST 2003


* Sir Fenix <claudus at ...10165...> [2003-11-06 11:13]:
> Hi
> 
> Does anyone know another tool thant works exactly like swatch?.
> 

Check out SEC.  You'll be glad you did.
http://www.estpak.ee/~risto/sec/

I've used it extensively for log file processing, and other types
of event correlation.  There is a section on integrating snort
rules in the documentation.

Best Regards,
jpb
===





More information about the Snort-users mailing list