[Snort-users] Re: Log analysis without ACID
randy at ...11621...
Thu Apr 29 09:16:03 EDT 2004
If you don't mind installing Tomcat, then try out WatchHog for the DB
reports ( www.watchhog.org )
It does reports like this. New sleeker and cooler version will be out soon
From: snort-users-admin at lists.sourceforge.net
[mailto:snort-users-admin at lists.sourceforge.net]On Behalf Of Frank
Sent: April 29, 2004 8:07 AM
To: snort-users at lists.sourceforge.net
Subject: [Snort-users] Re: Log analysis without ACID
Personaly, I'm looking for a basic summary of
a)a basic list of there were N hits of type X (sorted by i) severity and
ii) number of occurances
b)Number of Hits per IP address
> Message: 1
> Date: Tue, 27 Apr 2004 16:33:59 -0500
> From: Michael Sconzo <msconzo at ...5072...>
> To: Michael Steele <michaels at ...9077...>
> Cc: snort-users at lists.sourceforge.net
> Subject: Re: [Snort-users] Log analysis without ACID
> On Tue, Apr 27, 2004 at 12:58:11PM -0700, Michael Steele wrote:
> > ACID does not generate report logs.
> > I have yet to find one. It would be nice to find one that can generate
> > weekly, monthly and yearly reports from the Snort log.
> What kind of information are you looking for in the report... ?
More information about the Snort-users