
Snort Forums Archive


SnortALog to generate monthly report


Posted by couchpotato on July 13, 2005 22:52:33

Hi all,
Can anybody explain to me how I can generate Snort monthly reports using SnortALog?

I use
---
cat alert | ./snortalog.pl -h `date '+%Y_%m_%d_%H_%M'`.html -g png -u /var/log/snort/ -report
---
to generate the HTML files on a daily basis. I have searched on Google, and I read and re-read the SnortALog PDF file, but couldn't get any idea. The developer talks about log rotation as

"You need to redirect the log file to my program as shown by the following shell command :

* cat logs.file | ./snortalog.pl -r -n 50

Why did I not ask for a specific file name?

Just for one reason (but a smart one :-). For daily logs rotation, I'm using the file name format file_yyyymmdd.log (Year, Month and Day). So it's easy for me to generate daily, weekly, monthly and yearly report without any file renaming operations. "

Now how does he "generate daily, weekly, monthly and yearly report without any file renaming operations."?

If anybody has any idea, do let me know. Thank you.

Regards,
Banu

Posted by SnortALog_Admin on January 23, 2006 04:25:59

Hi,

You need to use a bash script to automate your Snort logs rotation and the SnortALog report.

If all of your logs have name format file_yyyymmdd.log, it's very easy to do :
# Let the shell expand the glob directly instead of parsing ls output
for FILE in file_*; do
    ./snortalog.pl -file "$FILE" -n 10 -report -h "/var/www/$FILE.html"
done

Jeremy
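
The loop above produces one report per daily file. For the monthly report asked about in the first post, the daily files of one month can be concatenated and piped to SnortALog on stdin, as in this added example (not code from the thread or from the SnortALog project). The `LOG_DIR`, `OUT_DIR` and `SNORTALOG` paths and the function names are assumptions; the options used are the ones quoted in the posts.

```shell
#!/bin/sh
# Added example: monthly SnortALog report from daily logs named file_yyyymmdd.log.
# Assumed locations (not from the thread); override through the environment.
LOG_DIR="${LOG_DIR:-/var/log/snort}"
OUT_DIR="${OUT_DIR:-/var/www}"
SNORTALOG="${SNORTALOG:-./snortalog.pl}"

# Print the daily logs of one month (YYYYMM), oldest first.
# The month is validated so it cannot carry glob characters or path parts,
# and only names of the exact form file_YYYYMMDD.log are matched.
month_logs() {
    month="$1"; dir="${2:-$LOG_DIR}"
    case "$month" in
        [0-9][0-9][0-9][0-9][0-9][0-9]) ;;
        *) echo "month must be YYYYMM" >&2; return 2 ;;
    esac
    for f in "$dir"/file_"$month"[0-9][0-9].log; do
        # An unmatched glob stays literal; -f filters that case out.
        [ -f "$f" ] && printf '%s\n' "$f"
    done
    return 0
}

# Concatenate the month's logs and feed them to SnortALog on stdin.
monthly_report() {
    month="$1"
    logs=$(month_logs "$month") || return $?
    [ -n "$logs" ] || { echo "no logs for $month" >&2; return 1; }
    printf '%s\n' "$logs" |
        while IFS= read -r f; do cat "$f"; done |
        "$SNORTALOG" -n 10 -report -h "$OUT_DIR/snort_$month.html"
}

# Run only when a month is given, e.g.: ./monthly.sh 200507
[ "$#" -eq 0 ] || monthly_report "$1"
```

The same pattern extends to yearly reports by widening the glob to the year prefix, which is why the date-stamped file names need no renaming.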