Snort mailing list archives
Semi-automatic notification email generator for Snort?
From: "Ian Webb" <iwebb () carolina rr com>
Date: Sun, 28 Jul 2002 12:29:51 -0400
I'm looking for a tool that can parse my Snort logs and plug log excerpts into a form letter with the proper abuse address from WHOIS. I'm not going to send them automatically - I want to review them first - but a tool with a 'report this incident' button would be ideal. I also need incident tracking that would tell me when new incidents involving an IP I reported some time ago are detected. I suppose if there's no tool out there I could modify SnortSnarf, but I really don't want to have to do that if there's already a tool like this out there. Also, SnortSnarf won't track incidents. Would my best bet be to run reports out of a database? Thanks.
Current thread:
- Semi-automatic notification email generator for Snort? Ian Webb (Jul 28)
- Re: Semi-automatic notification email generator for Snort? Michael Scheidell (Jul 28)
- RE: Semi-automatic notification email generator for Snort? Ian Webb (Jul 28)
- Re: Semi-automatic notification email generator for Snort? Michael Scheidell (Jul 28)
- RE: Semi-automatic notification email generator for Snort? Ian Webb (Jul 28)
- Re: Semi-automatic notification email generator for Snort? Joe McAlerney (Jul 29)
- Re: Semi-automatic notification email generator for Snort? Michael Scheidell (Jul 28)