[Snort-users] Integrate Snort with Remedy, Anyone Please???
jeff at ...950...
Thu Feb 12 12:51:08 EST 2004
-----BEGIN PGP SIGNED MESSAGE-----
The New York State University at Buffalo has been developing ARS Perl
for Remedy Action Request system for years. The website for arsperl is
As I suspect you're already aware, Snort can generate a significant
number of alerts depending on how you've configured it. I'd use the
thresholding features within Snort carefully to ensure you don't
created hundreds of tickets in Remedy.
With this in mind, you could parse XML formatted Snort alerts and
create remedy tickets using ARS Perl.
It's been many years since I've used ARS Perl, so I can't comment on
how well it works.
On Feb 12, 2004, at 11:23 AM, Snortty wrote:
> My snort IDS on Solaris 8 has been running more
> stable, and in better control now.
> I'm thinking of integrating Snort alerts with Trouble
> Ticket Systmes - specifically Remedy, in order to be
> monitored together with other type of tickets, and be
> tracked the progress of resolving issues detected by
> Has anyone done the similar things, or know better to
> offer any suggestions/comments/places to look further
> I will share my results if I can make progress on this
> Thank you in advace!
> Do you Yahoo!?
> Yahoo! Finance: Get your refund fast by filing online.
> SF.Net is sponsored by: Speed Start Your Linux Apps Now.
> Build and deploy apps & Web services for Linux with
> a free DVD software kit from IBM. Click Now!
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> Snort-users list archive:
The most technical single-track security conference in the West.
Vancouver B.C., Canada April, 2004 http://cansecwest.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (Darwin)
-----END PGP SIGNATURE-----
More information about the Snort-users