"This HOWTO describes how to configure Snort version
1.8.3 to be used in conjunction with the statistical tools ACID
(Analysis Console for Intrusion Databases) and SnortSnarf. It also
intends to get some internal statistics out of snort, e.g. if there
are packets dropped.
Additionally a description of how to automatically update Max
Vision's rules, some scripts which may be helpful and a demo swatch
configuration is included.
This document was written when I created an IDS sensor with
Snort and using some statistic tools in order to help others
implementing it. If at least one out there can be helped it has
been worth the work.
Snort is an excellent Network Intrusion Detection System (NIDS)
for various unices. The Snort homepage can be found at
http://www.snort.org/. The version described here is 1.8.3 which
was the actual version at the time of writing."