Snort mailing list archives
Re: snort web interface
From: "Lay, James" <james.lay () wincofoods com>
Date: Wed, 24 Aug 2011 09:46:47 -0600
-----Original Message-----
From: Paul Halliday [mailto:paul.halliday () gmail com]
Sent: Wednesday, August 24, 2011 9:39 AM
To: Joel Esler
Cc: Snort Users; Randal T. Rioux
Subject: Re: [Snort-users] snort web interface

On Wed, Aug 24, 2011 at 11:42 AM, Joel Esler <jesler () sourcefire com> wrote:

Responding to my own email: If anyone wants to take this task on (side by side comparison of GUI tools), we'll put it up on Snort.org and I'll give you free stuff!

A nice complement to this would be a survey for the community:

What would you like your interface to do? (in general, open ended questions)

Features, Reports, Niceties, etc. expand on this of course.

While feature requests are great, the requests always tend to be somewhat contrived because they are within the context of a specific project and/or developer's personal goals.

What do people want?

Using the 'delete events' as an example. This would have never occurred to me. I have over 300,000,000 events for the past 2 years and I would hate to lose any of that data. It is so rare that I need to delete an event from the db that I don't mind striking it from the CLI.

I have been trying to put a survey together but just haven't had the spare cycles, I think the results from a survey like this data would contribute greatly to all projects out there.

--
Paul Halliday
http://www.squertproject.org/

Good point Paul. Something to consider is the target audience...for me, tailing the fast file and tsharking the pcap file is great for realtime incidents, and snortalog worked ok for trending. But that's me....Executives clearly wanted something much more pretty...which is why I started down the road of a GUI in the first place.

James