Security Incidents mailing list archives
Re: Incident tracking database
From: Russell Fulton <r.fulton () auckland ac nz>
Date: 05 Dec 2002 15:15:41 +1300
On Wed, 2002-12-04 at 21:13, Holger Kipp wrote:
Danny (Danny () drexel edu) wrote:Hey guys, I've been looking for ages now and have not been able to find a real web basedincident tracking system, so what I'd like to do is just throw the question out to There are several Trouble-Ticket Systems available. See for example gnats (which is email-based, but there is a webfrontend available) or the oneorzere Helpdesk System (open source, at http://helpdesk.oneorzero.com). For a very good and detailed overview, see http://linas.org/linux/pm.html Another very customizable system is scarab (http://scarab.tigris.org/) - looks very good to me, though it has some requirements (Java SDK1.3 or higher, Ant, Tomcat, MySQL or Postgres).
There are certainly some very good ticket tracking systems, but all I have looked at appear to lack a couple of features that I want in a system for tracking incidents. (Possible exception is the one that comes with snortsnarf but it has other limitations). The features are: 1/ the ability to log tickets directly from programs (preferably across the network) in a straight forward manner. 2/ the ability to produce standard emails from standard templates and stuff stored as part of the ticket. Eg. incident notification to sites. 3/ the ability to add things like whois lookups that extract information and add it to the ticket which can then be used in 2. I'd be delighted if I've missed something and the perfect system is really out there. I have my own system that fulfills these requirements but is otherwise very rude and crude. I would love to marry its functionality into a "proper" call tracking system. -- Russell Fulton, Computer and Network Security Officer The University of Auckland, New Zealand "It aint necessarily so" - Gershwin ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Incident tracking database Danny (Dec 03)
- Re: Incident tracking database Chip Mefford (Dec 04)
- what else you can do with worm networks...fun, profit, etc Anton A. Chuvakin (Dec 09)
- Re: Incident tracking database Paul Gillingwater (Dec 04)
- Re: Incident tracking database Steven Hong (Dec 04)
- Re: Incident tracking database james (Dec 04)
- <Possible follow-ups>
- Re: Incident tracking database Holger Kipp (Dec 04)
- Re: Incident tracking database Russell Fulton (Dec 05)
- Re: Incident tracking database Chris Adams (Dec 08)
- Re: Incident tracking database Russell Fulton (Dec 05)
- Re: Incident tracking database Chip Mefford (Dec 04)