Snort mailing list archives
RE: ACID and SnortReport Questions
From: "Hicks, John" <JHicks () JUSTICE GC CA>
Date: Thu, 3 Oct 2002 10:55:25 -0400
Using ACID it's very easy to fire emails off of individual alerts, a selected list of alerts, or an entire query that is relevant. cheers, John -----Original Message----- From: Ibarra, Michael [mailto:m.ibarra () cdcixis-na com] Sent: Thursday, October 03, 2002 10:45 AM To: 'Snort Users List' (E-mail) Subject: [Snort-users] ACID and SnortReport Questions Hello: I've recently used SHADOW and was very impressed with its ability to create a report based on src ip, dest ip, port, traffic type, etc. This report was especially helpful for delivery to ISP's and such, not that they do much without some legal threats. What I see lacking in both ACID as well as snortreport is this functionality, or have I missed something? Here is a sample of what the Shadow report looks like: Company-NAME - Network Security Division Network Detection Report Phone 212-555-1212 Company-NAME Intrusion Detection Report No.: Company-NAME-IDR20021003.2 1. Report Date: Thu Oct 03, 2002 - 10:40:23 2. Incident Date: 3. Type of Incident: Informational Report 4. Individuals Involved: Source: Target(s): Site: Company-NAME 5. Cost of this Incident: No Downtime. 6. Summary of Incident and Investigation Results: ***** End of Company-NAME Intrusion Detection Report No.: ### ***** ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- ACID and SnortReport Questions Ibarra, Michael (Oct 03)
- <Possible follow-ups>
- RE: ACID and SnortReport Questions Hicks, John (Oct 03)
- RE: ACID and SnortReport Questions Ibarra, Michael (Oct 03)