[Snort-users] Real Time Alert and Variables

Lay, James james.lay at ...15009...
Thu Feb 7 12:01:58 EST 2013


-----Original Message-----
From: Jeremy Hoel [mailto:jthoel at ...11827...] 
Sent: Thursday, February 07, 2013 9:50 AM
To: Nicholas Horton
Cc: Michael Steele; Snort Users
Subject: Re: [Snort-users] Real Time Alert and Variables

You might want to check out ELSA and Graylog.  We use Graylog to get
emails from logs that go to it.  They are kind of log viewers that
are both getting better.




WOTS (perl) and SEC (Simple Event Correlator) come to mind as well.

James



