Snort mailing list archives
Snort DB stats
From: "Jason Lewis" <jlewis () packetnexus com>
Date: Thu, 22 Nov 2001 04:34:23 -0500
I am looking to create a script that runs from cron that summarizes info from the DB and then emails the report. I thought I would see if anyone is doing anything like this already. I know ACID does some of this, but I need it to be automated. I can get email anywhere. For ex. Top 10 IP's in the DB Top 10 Attacks in the DB Top 10 Attacks in the last hour That kind of stuff. I would really like some kind of intelligent pattern matching, but I need to start somewhere to decide what exactly I want. I only have a vague idea and I think doing this report would help me figure out what would be useful and what is noise. Ideas, input, comments, am I crazy? Jason Lewis http://www.packetnexus.com It's not secure "Because they told me it was secure". The people at the other end of the link know less about security than you do. And that's scary. _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Snort DB stats Jason Lewis (Nov 22)
- Re: Snort DB stats Guillaume (Nov 22)
- Re: Snort DB stats Edwin Eefting (Nov 22)
- Re: Snort DB stats Roberto Suarez Soto (Nov 22)