Snort mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Another Snort Reporting Question

From: "Slighter, Tim" <tslighter () itc nrcs usda gov>
Date: Wed, 4 Dec 2002 07:54:30 -0700
Your best option might be to use the graphing tools built into ACID and
create and copy specific alerts into AG's.  For example, create an AG called
Nimda and one called Code Red and one called Port Scans and then use the
search tool to copy alerts based on those signatures into their
corresponding AG and from there you should be able to create a pie chart for
weekly or monthly or so on....hope that helps somewhat

-----Original Message-----
From: Christopher Lyon [mailto:cslyon () netsvcs com]
Sent: Tuesday, December 03, 2002 9:16 PM
To: snort-users () lists sourceforge net
Subject: [Snort-users] Another Snort Reporting Question


This might be an odd request so bare with me. 
My boss is looking for reports that he can hand to his boss that more or
less justifies the time and money with building all of these sensors we
are placing on our network. ACID, SnortSnarf and Snort Report are very
cool and useful for the technical staff but they are way too technical
for these guys. I think we have all dealt with non technical upper
management so you know where I am going with this. Is there anything out
there with just graphs at a more top level view? Stuff like how many
alerts, there priority or ranking and charts? Any suggestions, comment
or thoughts?



-------------------------------------------------------
This SF.net email is sponsored by: Microsoft Visual Studio.NET 
comprehensive development tool, built to increase your 
productivity. Try a free online hosted session at:
http://ads.sourceforge.net/cgi-bin/redirect.pl?micr0003en
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users


-------------------------------------------------------
This SF.net email is sponsored by: Microsoft Visual Studio.NET 
comprehensive development tool, built to increase your 
productivity. Try a free online hosted session at:
http://ads.sourceforge.net/cgi-bin/redirect.pl?micr0003en
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: