Re: Snort tool for alert analysis

[jeremy chartier <jeremy.chartier () free fr>]

Or better in specific cases : SNORTALOG
http://freshmeat.net/projects/snortalog/

> Hi list,
>
> A lot of attacks get generated in the alert file when I run Snort? It is
> manually very difficult to go thru each rule to try an figure out which
> snort rule caused which attack and also it is very difficult to manually
> count the frequency of each attack generated in the file. Is there any tool
> that helps me count the frequency of each attack in an alert file(s), helps
> me sort the attacks in the file, helps me batch all common attacks in a
> file/files?? Please could someone help me by letting me know of any
> window-based tool that would help me in this aspect.......a unix based tool
> is ok too. Thankyou all.
>
> Clayton Mascarenhas
>
>
>
> Do you Yahoo!?
> Yahoo! Tax Center - forms, calculators, tips, and more
>
>
>
>
>
>
> -------------------------------------------------------
> This sf.net email is sponsored by:ThinkGeek
> Welcome to geek heaven.
> http://thinkgeek.com/sf
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists sourceforge net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>
>
>  





-------------------------------------------------------
This SF.net email is sponsored by: Etnus, makers of TotalView, The debugger 
for complex code. Debugging C/C++ programs can leave you feeling lost and 
disoriented. TotalView can help you find your way. Available on major UNIX 
and Linux platforms. Try it free. www.etnus.com
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users