PaulDotCom mailing list archives

Advanced Snort analysis


From: pauldotcom at grymoire.com (Grymoire)
Date: Thu, 3 Dec 2009 11:52:38 -0500


I want to make some sort of high level visualization of the IDS status
- using snort.

I am trying to use snort, mysql, acidbase, and munin, all of which
can be installed using Ubuntu's package manager. There's even a snort
plug-in for munin. Sounds easy, eh?

Well, the documentation sucks.

I looked at the Snort Statistics howto - and that's obsolete.

snortsnarf is non-supported and hard to find. So I found an old RPM,
installed it, and looking at its output - it's just broken.

I downloaded the source of snort, and according to the
documentation, contributed source can be found at
www.snort.org/dl/contrib - but the directory no longer exists.

There are many web pages, and even a book - but the book is 6 years
old, and many of the web documents are also as ancient.

Suppose I want to have a real-time plot of IDS activities. What do
others use? And what documentation do you suggest?

It's been frustrating....
                

