[Snort-users] Automated alert email.

Williams Jon WilliamsJonathan at ...2134...
Fri Aug 6 11:38:01 EDT 2004

I've got a couple perl scripts I use.  They run from cron and check the
SnortDB.  One of them looks for X events in Y period of time for each
source host and will send both email and SNMP traps.  The other sends
the same kinds of alerts but looks only for a single instance rather
than thresholding.

Before I can send them out, I'd have to sanitize them first.  Also,
there'd be several files, since each script has a main script file and a
config file.  I'd rather not try to post attachments, and perl inline
within an email is usually uglier than normal perl code.  If there's
interest in the scripts and someone has a website that they'd be willing
to put these scripts on, I can send them.  If there's not a bunch of
interest, I can send them just to the original requestor.


-----Original Message-----
From: snort-users-admin at lists.sourceforge.net
[mailto:snort-users-admin at lists.sourceforge.net] On Behalf Of Lyndon Tiu
Sent: Friday, August 06, 2004 12:53 PM
To: Snort Users Postings
Subject: [Snort-users] Automated alert email.

I checked out google and there are a few scripts here and there that
emails when certain alert thresholds are reached. But these have mostly
limited functionalities.

Can you guys point me out to other similar snort add-ins that can email



Lyndon Tiu

This SF.Net email is sponsored by OSTG. Have you noticed the changes on
Linux.com, ITManagersJournal and NewsForge in the past few weeks? Now,
one more big change to announce. We are now OSTG- Open Source Technology
Group. Come see the changes on the new OSTG site. www.ostg.com
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
Snort-users list archive:

More information about the Snort-users mailing list