Re: realtime reporting tool

[Matt Kettler <mkettler () evi-inc com>]

Could you be a bit more specific about what you need, and why acid, 
snortsnarf and demarc are not suited? Based on your question it's pretty 
hard to come up with an idea of what you really need.

If you need some kind of realtime "send me an email if this alert goes 
off", I'd suggest getting a log watcher, as per the snort FAQ:

5.7 --faq-- --snort-- --faq-- --snort-- --faq-- --snort-- --faq--

Q: How do I get snort to e-mail me alerts? A: Log to syslog and use swatch 
or logcheck.


if you go to freshmeat.net I'm sure you can look up swatch and logcheck 
there and get links to the project homepage/downloads.

If you're looking for something that parses snort log output into pretty 
web page reports and those three aren't acceptable I belive you're out of 
luck, but you're always welcome to write your own.



At 08:40 AM 3/28/2002 -0600, Ronneil Camara wrote:
> hi guys,
>
> I need some opensource realtime reporting tool other than acid, snortsnarf 
> or demarc.
> I went to snort.org and the downloads page has changed.
>
> Please suggest of what I can use and where to download.
>
> Thank you very much in advance.
>
> Neil
>
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists sourceforge net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users