Educause Security Discussion mailing list archives

Re: Graphing Snort Data


From: "Halliday,Paul" <Paul.Halliday () NSCC CA>
Date: Thu, 12 Jun 2008 19:16:31 -0300

I maintain a project that can create rudimentary graphs from snort data:
http://squert.sourceforge.net/screen.php 

 

It requires the DB structure that Sguil uses (which you should be using
anyway :)): http://sguil.sourceforge.net/

 

Further, if you did happen to use Sguil, you can leverage the work that
David Bianco has done, which produces some fancy PDFs with BIRT:
http://nsmwiki.org/index.php?title=Sguil_Reports_with_BIRT_HOWTO

 

All of these projects are maturing quite quickly, and unless you have the
coin for Aanval (or Sourcefire), you should really check them out.

 

Oh, and don't let the fact that Sguil is coded in TCL scare you :). I
monitor 15 100M links in real time with it.

 

</plug> 

 

Good luck.

------

Paul Halliday 
NSCC | Network Security Analyst
Tel 902.565.9057 | Fax 902.563.0511 
1240 Grand Lake Rd., Sydney, NS B1P 6J7
http://www.nscc.ca

 

From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Dawson,Scottie
Sent: Thursday, June 12, 2008 3:23 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Graphing Snort Data

 

Hello All

 

I am using Base to front end my Snort install and would like to graph
some of the trends that I am seeing.  I was wondering if anyone had any
ideas on either a different front end that can graph information in a
useful manner or another graphing solution that I could use directly
with the mysql database.

 

Thank you.

 

Scott

 

"security monkey"

 

Scott Dawson 

Network Security ACNS

Colorado State University

Phone:(970)297-3712  

 

 

 

