List:       security-basics
Subject:    Re: Snort sniffer logs
From:       Ron <iago () valhallalegends ! com>
Date:       2005-05-31 14:04:52
Message-ID: 429C6F04.5000708 () valhallalegends ! com

I use a program derived from Acid called Base (feel free to groan at the 
joke).  It reads the Snort data from MySQL and presents it similarly to 
Acid.  It has configurable user accounts and is quite nice to use.  I 
highly recommend it.

http://sourceforge.net/projects/secureideas/

Tom Rhodes wrote:

>Hi everyone,
>
>Relatively quiet on the list but I finally have a question and
>am hoping someone has an answer.
>
>On a network we have, snort is being run as a sniffer to capture
>application data transferred on the dc0 interface.
>
>Is there an easy way to parse the output?  Reading a few hundred
>TCP:XXX files every day doesn't sound like fun.  I've thought
>about using ACID and dropping it into mysql, but would that make
>viewing any easier?
>
>Thanks in advance.
>
>--
>Tom Rhodes