Snort mailing list archives
[Looking for] Open source reporting tool
From: "Aaron" <snort () microchp org>
Date: Sun, 01 Feb 2004 20:24:21 -0800
For those playing the drinking game, please take a swig ahead of time for me.
For myself and anyone technical ACID is more than enough to generate the data that is needed.
For upper management and end users (customers) however, a much prettier and more generic tool is needed. I have not found anything opensource that makes dumbified pretty reports with statistical graphs, pie charts and etc...
Yes, I know ACID sortof does this with JPGraph. Well, not really.I also found a few things that generate html reports from the alert log. I dont keep the alert log. All the data is in the snort database.
My company will not use snort unless they can see pretty graphs with breakouts of all the attacks. We used to use Crystal Reports against ISS RealSecure, however both products are no longer supported internally in order to cut costs. I am not complaining, as they are finally adopting and using open source software. You have no idea what a strange warm and fuzzy feeling that is. Maybe it was the rum.
If you know of a tool that can generate from the database useful information in the form of detailed graphs (with links to the technical data), pie charts and everything that management and end users would like to see, then please let me know.
Something that would be even better, would be a tool that could do all previously mentioned things and can be configured to only give data for a specific subnet or subnets, depending on who is browsing it. (Different configs in diff dirs, or username==, etc...)
Regards, AaronP.S. - This tool would have to sift through data collected on circuits pushing 500MB each... several of them... and they are external... No I am not smoking anything.
:) ------------------------------------------------------- The SF.Net email is sponsored by EclipseCon 2004 Premiere Conference on Open Tools Development and Integration See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. http://www.eclipsecon.org/osdn _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- [Looking for] Open source reporting tool Aaron (Feb 01)
- Re: [Looking for] Open source reporting tool Michael Boman (Feb 01)
- <Possible follow-ups>
- Re: [Looking for] Open source reporting tool Aaron (Feb 02)