[Snort-users] tools/scripts for correlation analysis

Jeff Dell jdell at ...1095...
Mon Nov 8 04:27:26 EST 2004


HSC is designed to do this. There is support for syslog, firewall log,
snort, and more... If you check out the documentation, it will show you how
you can log these items to a database and then view them within the Console.
You will also need FISQ, a Perl script that will import all of your firewall
logs into a MySQL database.

You can get both of these tools at www.activeworx.org.

Cheers,
Jeff  

> -----Original Message-----
> From: snort-users-admin at lists.sourceforge.net 
> [mailto:snort-users-admin at lists.sourceforge.net] On Behalf Of sam wun
> Sent: Monday, November 08, 2004 2:11 AM
> To: snort-users at lists.sourceforge.net
> Subject: [Snort-users] tools/scripts for correlation analysis
> 
> Hi,
> 
> Does anyone know any good tools/scripts for doing correlation 
> analysis?
> The log data will include alerts that are generated by snort in a mysql 
> database, syslog data, data from switches, routers and packet filter 
> firewalls and PIX firewalls...
> 
> Thanks
> Sam
> 
> 
> 





