Publisher review: SnortALog is a powerful Perl script that summarizes Snort logs, making it easy to view any attacks against your network.
SnortALog works with all versions of Snort and is the only script that can analyse Snort logs in all formats (Syslog, Fast and Full alerts).
Features:
Main Possibilities
- Create HTML, PDF and ASCII text reports.
- Can specify order (ascending or descending).
- Can specify the number of occurrences to view.
- Can resolve IP addresses and domains.
- The ability to get Whois Database information.
- Add colors for best visibility.
- Graphic User Interface.
- Multi-language output.
- Possibility to do filtering (e.g. if you only want src logs) reference's rules.
- Generate GIF, PNG or JPG graph in HTML output.
Snort Possibilities
- Works with Syslog, Fast and Full alerts.
- Works with all preprocessors (spp_stream4, spp_portscan, spp_decoder, flow and flowportscan ...).
- Has the possibility to link the signature to the web reference attack description.
- Works with "-I" Snort's option to specify an interface and add report.
- Works with "-e" Snort's option (Display the second layer header info).
- Use a specific plugin to generate your own reference's rules.
SnortALog 2.4.2 is a Perl script for Security Systems scripts designed by Jeremy Chartier.
It runs on the following operating systems: Windows / Linux / Mac OS / BSD / Solaris.
Operating system: Windows / Linux / Mac OS / BSD / Solaris