Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [Looking for] Open source reporting tool

From: "Aaron" <snort () microchp org>
Date: Mon, 02 Feb 2004 12:03:46 -0800
Snort Report maybe? http://www.circuitsmaximus.com/
I tried that one already. It still gives almost the same information that ACID already provides with some minor improvements in detail. They want a nice page full of statistical breakdowns with pie charts (not just one little one) giving a detailed report per subnet(s). 



Something that would be even better, would be a tool that could do all
previously mentioned things and can be configured to only give data
for a specific subnet or subnets, depending on who is browsing it.
(Different configs in diff dirs, or username==, etc...)



Snort Report with some patching? I am sure the author/maintainer of the

software are willing to help as well, but probably for a small fee.
Probably so, but I have to do this with existing tools and only modifications done by myself, as I know they wont pay for anything. My kung-fu is not nearly as strong as what would be needed to knock something like this out in a week. Back to the ripped fuel we go. 



P.S. - This tool would have to sift through data collected on circuits
pushing 500MB each... several of them... and they are external... I am not smoking anything. 



Are you sure about that? Anyway, haven't run Snort Report on anything of

that size, but I guess you will find out how well it handles it (or
not).
Yup. Four OC-12's and two OC-3's. Soon to be six OC-12's. A crap load of noisy servers in a very hetrogenous network. 



PS
I have no association with the Snort Report guys what-so-ever, not even using their software. I tried it once, and maybe it will match (some) of 
your requirements.
DS
Use only as directed, contents may settle, if itching persists... hehehe (j/k) 



Best regards

 Michael Boman
Thanks for the advice. I will do what I can to make SnortReport work for now. Hopefully I will stumble across something closer to what I am looking for. If so I will post my findings. 

Your help is much appreciated. :)





-------------------------------------------------------
The SF.Net email is sponsored by EclipseCon 2004
Premiere Conference on Open Tools Development and Integration
See the breadth of Eclipse activity. February 3-5 in Anaheim, CA.
http://www.eclipsecon.org/osdn
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: