Snort mailing list archives

RE: Automated alert email.

From: "Williams Jon" <WilliamsJonathan () JohnDeere com>
Date: Fri, 6 Aug 2004 13:36:57 -0500
I've got a couple perl scripts I use.  They run from cron and check the
SnortDB.  One of them looks for X events in Y period of time for each
source host and will send both email and SNMP traps.  The other sends
the same kinds of alerts but looks only for a single instance rather
than thresholding.

Before I can send them out, I'd have to sanitize them first.  Also,
there'd be several files, since each script has a main script file and a
config file.  I'd rather not try to post attachments, and perl inline
within an email is usually uglier than normal perl code.  If there's
interest in the scripts and someone has a website that they'd be willing
to put these scripts on, I can send them.  If there's not a bunch of
interest, I can send them just to the original requestor.

Jon

-----Original Message-----
From: snort-users-admin () lists sourceforge net
[mailto:snort-users-admin () lists sourceforge net] On Behalf Of Lyndon Tiu
Sent: Friday, August 06, 2004 12:53 PM
To: Snort Users Postings
Subject: [Snort-users] Automated alert email.

I checked out google and there are a few scripts here and there that
emails when certain alert thresholds are reached. But these have mostly
limited functionalities.



Can you guys point me out to other similar snort add-ins that can email
alerts.



Thanks.



--

Lyndon Tiu


-------------------------------------------------------
This SF.Net email is sponsored by OSTG. Have you noticed the changes on
Linux.com, ITManagersJournal and NewsForge in the past few weeks? Now,
one more big change to announce. We are now OSTG- Open Source Technology
Group. Come see the changes on the new OSTG site. www.ostg.com
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users





-------------------------------------------------------
This SF.Net email is sponsored by OSTG. Have you noticed the changes on
Linux.com, ITManagersJournal and NewsForge in the past few weeks? Now,
one more big change to announce. We are now OSTG- Open Source Technology
Group. Come see the changes on the new OSTG site. www.ostg.com
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:

Automated alert email. Lyndon Tiu (Aug 06)
- <Possible follow-ups>
- RE: Automated alert email. Williams Jon (Aug 06)