Snort-rep 1.10 review
Downloadsnort-rep is a Snort reporting tool that can produce text or HTML output from a syslog file
|
|
snort-rep is a Snort reporting tool that can produce text or HTML output from a syslog file.
The reports contain:
Portscan summary
Alert Summary by ID
Alert summary by remote host and ID
Alert summary by local host and ID
Alert summary by local port and ID
It is designed to be used for daily e-mail reports to the system administrators (see snort-rep-mail for an example script that generates daily e-mails). The HTML code output contains direct links to the IDS descriptions of whitehats.com.
What's New in This Release:
release 1.10
fix off-by-one hour error in syslog parsing when changing from daylight saving time
support portscan2 (Snort 1.9.0)
Snort-rep 1.10 keywords