[Snort-users] Recommendation for IDS reporting tools?
Basselgia, Barry A Mr (NAF Atsugi)
BABasselgia at ...12104...
Wed Mar 16 16:13:13 EST 2005
I use Aanval; it uses the same MySQL database as ACID/BASE, so it will work
with anything you can feed into the database. I use unified logging on my
Snort sensors and Barnyard to feed the database.
I find that I use both BASE and Aanval depending on what I'm looking
for/doing at the time. Aanval has some near real time monitors that I
really like. But, when I'm digging into things I find BASE to be more
From: snort-users-admin at lists.sourceforge.net
[mailto:snort-users-admin at lists.sourceforge.net] On Behalf Of Alex
Sent: Wednesday, March 16, 2005 6:07 PM
To: Hugo; snort-users at lists.sourceforge.net
Subject: Re: [Snort-users] Recommendation for IDS reporting tools?
> Has anybody tried Aanval? Any testimonial? Thanks in advance!
Tried it, didn't like it; not as functional as ACID/BASE, and, IIRC, it
won't work with unified logging (which is a show-stopper for a production
Alex Butcher: Security & Integrity, Personal Computer Systems Group
Information Systems and Computing GPG Key ID: F9B27DC9
GPG Fingerprint: D62A DD83 A0B8 D174 49C4 2849 832D 6C72 F9B2 7DC9