Snort mailing list archives
RE: Another Snort Reporting Question
From: "Slighter, Tim" <tslighter () itc nrcs usda gov>
Date: Wed, 4 Dec 2002 07:54:30 -0700
Your best option might be to use the graphing tools built into ACID and create and copy specific alerts into AG's. For example, create an AG called Nimda and one called Code Red and one called Port Scans and then use the search tool to copy alerts based on those signatures into their corresponding AG and from there you should be able to create a pie chart for weekly or monthly or so on....hope that helps somewhat -----Original Message----- From: Christopher Lyon [mailto:cslyon () netsvcs com] Sent: Tuesday, December 03, 2002 9:16 PM To: snort-users () lists sourceforge net Subject: [Snort-users] Another Snort Reporting Question This might be an odd request so bare with me. My boss is looking for reports that he can hand to his boss that more or less justifies the time and money with building all of these sensors we are placing on our network. ACID, SnortSnarf and Snort Report are very cool and useful for the technical staff but they are way too technical for these guys. I think we have all dealt with non technical upper management so you know where I am going with this. Is there anything out there with just graphs at a more top level view? Stuff like how many alerts, there priority or ranking and charts? Any suggestions, comment or thoughts? ------------------------------------------------------- This SF.net email is sponsored by: Microsoft Visual Studio.NET comprehensive development tool, built to increase your productivity. Try a free online hosted session at: http://ads.sourceforge.net/cgi-bin/redirect.pl?micr0003en _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users ------------------------------------------------------- This SF.net email is sponsored by: Microsoft Visual Studio.NET comprehensive development tool, built to increase your productivity. Try a free online hosted session at: http://ads.sourceforge.net/cgi-bin/redirect.pl?micr0003en _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Another Snort Reporting Question Christopher Lyon (Dec 03)
- Re: Another Snort Reporting Question Jacques (Dec 04)
- <Possible follow-ups>
- RE: Another Snort Reporting Question Slighter, Tim (Dec 04)