Snort-rep 1.10 review

Download
by rbytes.net on

snort-rep is a Snort reporting tool that can produce text or HTML output from a syslog file

License: GPL (GNU General Public License)
File size: 19K
Developer: David Schweikert
0 stars award from rbytes.net

snort-rep is a Snort reporting tool that can produce text or HTML output from a syslog file.
The reports contain:
Portscan summary
Alert Summary by ID
Alert summary by remote host and ID
Alert summary by local host and ID
Alert summary by local port and ID

It is designed to be used for daily e-mail reports to the system administrators (see snort-rep-mail for an example script that generates daily e-mails). The HTML code output contains direct links to the IDS descriptions of whitehats.com.

What's New in This Release:
release 1.10
fix off-by-one hour error in syslog parsing when changing from daylight saving time
support portscan2 (Snort 1.9.0)

Snort-rep 1.10 keywords