[Snort-users] Snort daily reports

Dave Rutherford dave at ...14014...
Thu Jan 4 05:35:49 EST 2007


On 1/3/07, info+lucretia.ca <info at ...2282...> wrote:
> Snort daily reports?  What tool is this?
>
> Snort has no email or reporting functions.

That's a fair question; I've no idea.  As I said, I'm using the
Debian packages, and I don't have anything installed with
a name remotely like 'snort-reporter'.

I do have installed:
   webmin-snort
   snort-doc
   snort
   snort-common
   snort-rules-default

I don't have installed:
   airsnort
   snort-pgsql
   snort-mysql

Here are the full headers from one such recent message.
To me, they give no clue what tool generated it.

Return-path: <root at ...14014...>
Envelope-to: dave at ...14014...
Delivery-date: Wed, 03 Jan 2007 06:25:06 -0500
Received: from root by mongo with local (Exim 4.61)
    (envelope-from <root at ...14014...>)
    id 1H24Ev-00060p-M6
    for dave at ...14014...; Wed, 03 Jan 2007 06:25:06 -0500
To: dave at ...14014...
Subject: [SNORT] mongo daily report
Message-Id: <E1H24Ev-00060p-M6 at ...14018...>
From: root <root at ...14014...>
Date: Wed, 03 Jan 2007 06:25:03 -0500
X-jf: 20020519, 1:1,2:1,3:1,4:1,ad:1,bo:1,di:1,do:1,he:1,ip:1,us:0

Anyone else using Snort with Debian?  These reports are so huge as to
be meaningless, but yet still take up valuable disk space.

Thanks,
    Dave



