|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Slighter, Tim (tslighter_at_itc.nrcs.usda.gov)
Date: Wed Dec 04 2002 - 08:54:30 CST
Your best option might be to use the graphing tools built into ACID and
create and copy specific alerts into AG's. For example, create an AG called
Nimda and one called Code Red and one called Port Scans and then use the
search tool to copy alerts based on those signatures into their
corresponding AG and from there you should be able to create a pie chart for
weekly or monthly or so on....hope that helps somewhat
-----Original Message-----
From: Christopher Lyon [mailto:cslyon
netsvcs.com]
Sent: Tuesday, December 03, 2002 9:16 PM
To: snort-userslists.sourceforge.net
Subject: [Snort-users] Another Snort Reporting Question
This might be an odd request so bare with me.
My boss is looking for reports that he can hand to his boss that more or
less justifies the time and money with building all of these sensors we
are placing on our network. ACID, SnortSnarf and Snort Report are very
cool and useful for the technical staff but they are way too technical
for these guys. I think we have all dealt with non technical upper
management so you know where I am going with this. Is there anything out
there with just graphs at a more top level view? Stuff like how many
alerts, there priority or ranking and charts? Any suggestions, comment
or thoughts?
-------------------------------------------------------
This SF.net email is sponsored by: Microsoft Visual Studio.NET
comprehensive development tool, built to increase your
productivity. Try a free online hosted session at:
http://ads.sourceforge.net/cgi-bin/redirect.pl?micr0003en
_______________________________________________
Snort-users mailing list
Snort-userslists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
-------------------------------------------------------
This SF.net email is sponsored by: Microsoft Visual Studio.NET
comprehensive development tool, built to increase your
productivity. Try a free online hosted session at:
http://ads.sourceforge.net/cgi-bin/redirect.pl?micr0003en
_______________________________________________
Snort-users mailing list
Snort-userslists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]