Re: Trending

[Paul Halliday <paul.halliday () gmail com>]

On Wed, Jul 13, 2011 at 5:20 PM, Lay, James <james.lay () wincofoods com> wrote:
> Hey all!
>
>
>
> So…I’ve got Snorby installed…it was a hoot, but it’s done now.  My goal for
> the GUI is to easily see trends over time….try and catch the bad guys that
> scan 5 ports a day and junk like that.  Is Snorby the best for this or is
> there something else better out there?  Thanks for any advice.

 Like a canned view?

Would you want to be able to create the conditions for the view
yourself? What criteria would you want to be able to chose from?

How do you see the operation of something like that? What interval is
good? an hourly summary? Daily? Monthly?

What other 'junk'?

Just looking for ideas.

-- 
Paul Halliday
http://www.squertproject.org/

------------------------------------------------------------------------------
AppSumo Presents a FREE Video for the SourceForge Community by Eric 
Ries, the creator of the Lean Startup Methodology on "Lean Startup 
Secrets Revealed." This video shows you how to validate your ideas, 
optimize your ideas and identify your business strategy.
http://p.sf.net/sfu/appsumosfdev2dev
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Please see http://www.snort.org/docs for documentation