Educause Security Discussion mailing list archives

Re: Snort Reporting

From: "Hammond, Stanley" <shammond () CAPECOD EDU>
Date: Fri, 24 Apr 2009 07:56:21 -0400

We use Snort with Prelude IDS (http://www.prelude-ids.com)

Snort needs to be (re)compiled with the Prelude library, and the Prelude
manager can email notifications based on different triggers.

 

Stan Hammond

Information Security Specialist

Cape Cod Community College

West Barnstable, MA

 

 

From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of King, Ronald A.
Sent: Thursday, April 23, 2009 4:25 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Snort Reporting

 

We have deployed Snort configured to use MySQL through Barnyard with
BASE as the reporting tool.  We are looking for an open source utility
to monitor the database and generate email notifications on certain
triggers like filter name, classification or SID.  Does anyone have
suggestions?

 

Thank you.

 

Ronald King

Security Engineer

Norfolk State University

Marie V. McDemmond Center for Applied Research 

Suite 401 

700 Park Ave.

Norfolk, Virginia  23504

Phone:  757-823-3918

Email: raking () nsu edu

http://security.nsu.edu

Current thread:

Snort Reporting King, Ronald A. (Apr 23)
- <Possible follow-ups>
- Re: Snort Reporting Hammond, Stanley (Apr 24)
- Re: Snort Reporting Leon DuPree (Apr 24)
- Re: Snort Reporting Hammond, Stanley (Apr 27)
- Re: Snort Reporting Leon DuPree (Apr 27)
- Re: Snort Reporting Leon DuPree (Apr 27)
- Re: Snort Reporting King, Ronald A. (Apr 28)
- Re: Snort Reporting Leon DuPree (Apr 28)