[Snort-users] Real Time Alert and Variables

Nicholas Horton fivetenets at ...14399...
Thu Feb 7 12:11:04 EST 2013


Thanks Jeremy. Thanks James. 

I take a look at them. 

Nick

On Feb 7, 2013, at 12:01 PM, "Lay, James" <james.lay at ...15009...> wrote:

> -----Original Message-----
> From: Jeremy Hoel [mailto:jthoel at ...11827...] 
> Sent: Thursday, February 07, 2013 9:50 AM
> To: Nicholas Horton
> Cc: Michael Steele; Snort Users
> Subject: Re: [Snort-users] Real Time Alert and Variables
> 
> You might want to check out ELSA and greylog.  We use greylog to get
> emails from logs that go to it.  They are kind of  log viewers that
> are both getting better.
> 
> 
> 
> 
> WOTS (perl) and SEC (Simple Event Correlator) come to mind as well.
> 
> James
> 
> ------------------------------------------------------------------------------
> Free Next-Gen Firewall Hardware Offer
> Buy your Sophos next-gen firewall before the end March 2013 
> and get the hardware for free! Learn more.
> http://p.sf.net/sfu/sophos-d2d-feb
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users
> 
> Please visit http://blog.snort.org to stay current on all the latest Snort news!




More information about the Snort-users mailing list