| Search Site |
| Search Rules |
| Account |
| not registered? |
| can't login? |
| user preferences |
 |
 |
|
|||||||||||||||||||
Next: 5.3 How do I Up: 5 Getting Fancy Previous: 5.1 I hear people
5.2 How do I process those Snort logs into reports?
- Barnyard 5.1 can be used to process unified output files into a number of formats, including output to a database for further analysis.
- SnortSnarf, a tool for producing HTML out of snort alerts for navigating
through these alerts.
http://www.silicondefense.com/snortsnarf/
- If you want to set up logging to a database you could try ACID. Some
documentation describing the current ACID functionality includes:
- You can manipulate the unified output files directly without a separate
database and browse/correlate them with Cerebus:
- For GUI front ends with simple log browsing, look at:
- HenWen (OSX)
http://homepage.mac.com/nickzman
http://home.attbi.com/~rickzman/software/HenWen1.0.sit.bin
- IDS Center (Win32)
- Puresecure (UNIX and Win32) (Formerly known as Demarc.)
http://www.demarc.com/downloads/puresecure/
- SnortCenter (UNIX and Win32)
- IDS Policy Manager (Win32)
- HenWen (OSX)
Next: 5.3 How do I Up: 5 Getting Fancy Previous: 5.1 I hear people
| Terms of Use | Privacy Policy | forum archives | site feedback ©2009 Snort and Sourcefire are registered trademarks of Sourcefire, Inc. All rights reserved. |