[Snort-users] Real Time Alert and Variables
james.lay at ...15009...
Thu Feb 7 12:01:58 EST 2013
From: Jeremy Hoel [mailto:jthoel at ...11827...]
Sent: Thursday, February 07, 2013 9:50 AM
To: Nicholas Horton
Cc: Michael Steele; Snort Users
Subject: Re: [Snort-users] Real Time Alert and Variables
You might want to check out ELSA and greylog. We use greylog to get
emails from logs that go to it. They are kind of log viewers that
are both getting better.
WOTS (perl) and SEC (Simple Event Correlator) come to mind as well.
More information about the Snort-users