Snort mailing list archives
RE: Automated alert email.
From: "Williams Jon" <WilliamsJonathan () JohnDeere com>
Date: Fri, 6 Aug 2004 13:36:57 -0500
I've got a couple perl scripts I use. They run from cron and check the SnortDB. One of them looks for X events in Y period of time for each source host and will send both email and SNMP traps. The other sends the same kinds of alerts but looks only for a single instance rather than thresholding. Before I can send them out, I'd have to sanitize them first. Also, there'd be several files, since each script has a main script file and a config file. I'd rather not try to post attachments, and perl inline within an email is usually uglier than normal perl code. If there's interest in the scripts and someone has a website that they'd be willing to put these scripts on, I can send them. If there's not a bunch of interest, I can send them just to the original requestor. Jon -----Original Message----- From: snort-users-admin () lists sourceforge net [mailto:snort-users-admin () lists sourceforge net] On Behalf Of Lyndon Tiu Sent: Friday, August 06, 2004 12:53 PM To: Snort Users Postings Subject: [Snort-users] Automated alert email. I checked out google and there are a few scripts here and there that emails when certain alert thresholds are reached. But these have mostly limited functionalities. Can you guys point me out to other similar snort add-ins that can email alerts. Thanks. -- Lyndon Tiu ------------------------------------------------------- This SF.Net email is sponsored by OSTG. Have you noticed the changes on Linux.com, ITManagersJournal and NewsForge in the past few weeks? Now, one more big change to announce. We are now OSTG- Open Source Technology Group. Come see the changes on the new OSTG site. www.ostg.com _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users ------------------------------------------------------- This SF.Net email is sponsored by OSTG. Have you noticed the changes on Linux.com, ITManagersJournal and NewsForge in the past few weeks? Now, one more big change to announce. We are now OSTG- Open Source Technology Group. Come see the changes on the new OSTG site. www.ostg.com _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Automated alert email. Lyndon Tiu (Aug 06)
- <Possible follow-ups>
- RE: Automated alert email. Williams Jon (Aug 06)