[Snort-users] Email Notification Methods?

Jason Baeder jason_baeder at ...131...
Thu Feb 5 06:32:12 EST 2004


Michael,

I've been embarking upon the same task this past week. Since MySQL does
not support triggers (yet), I've decided to use Swatch on each sensor. 
You might want to read "Real-Time Alerting with Snort" found here
http://www.linuxsecurity.com/feature_stories/feature_story-144.html


You might also be interested in 'smtpclient'; it eliminates the
necessity of installing sendmail on the sensors.  It can be found here:
http://www.engelschall.com/sw/smtpclient/

Jason


On Wed, 2004-02-04 at 14:26, M. Morgan wrote:
>Hello all,
>  I running four snort boxes reporting to a central mysql server. I'd
> like to have email notification for certain snort alerts if that is
> possible. 
> 
>  I'm soliciting recomendations for software that can help me
accomplish
> this.
> 
> Im currently looking at Swatch which seems to be trigger by syslog
> events, any recomendations are welcome.
> 
> Thanks,
> Michael
>

__________________________________
Do you Yahoo!?
Yahoo! SiteBuilder - Free web site building tool. Try it!
http://webhosting.yahoo.com/ps/sb/




More information about the Snort-users mailing list