Top White Papers
A Simple Snort Alert ParserSep 27, 2010, 19:04 (0 Talkback[s])
[ Thanks to J Fink for this link. ]
"Snort Intrusion Detection Software (IDS) is a great out of the box easy to use system to monitor a network for possible threats. While there are many ways to receive alerts, one very simple approach is to periodically parse the alert log and simply mail alerts to whom it may concern. In this text a simple example of parsing a snort alert log using Perl. Note this alerter could probably be used for other loggers and there exist other tools available like Splunk which might be more suited for larger installations. The thesis of this text is to show how a relatively useful utility can be quickly hacked together to provide an elegant solution.
0 Talkback[s] (click to add your comment)