[Snort-users] RE: Snort and Mysql for statistics purposes

Bénoni MARTIN Benoni.MARTIN at ...13159...
Wed Mar 9 16:58:12 EST 2005

I can recommend you the famous Ntop for "Top ports, Top src_ip", and SnortSnarf for "Top attacks".

But you can create your own tool with Perl ... Good luck ;)

-----Message d'origine-----
De : David Jiménez Domínguez [mailto:djdsecurity at ...11827...] 
Envoyé : mercredi 9 mars 2005 01:05
À : snort-users at lists.sourceforge.net; honeypots at ...35...; focus-ids at ...3046...5...
Objet : Snort and Mysql for statistics purposes

Hi folks!

I need to graph all the traffic in my network (Top ports, Top src_ip, Top attacks) each 5 minutes...In the DataServer I have intalled Mysql and in the firewall I have installed snort-2.3.0 and I created just 4 rules to get all the tcp,udp,icmp and ip traffic in order to graph it with perl and rrdtool and post it in a web page....

Do you think it is the best way to do that???
Have your ever done something like that?? What tools do you recommend me??


More information about the Snort-users mailing list