The sensorTrends software produces reports that trend security device log files.
One of the main benefits of this Web-based application is its intuitive, user-friendly interface that resembles incidents.org and Dshield.com. With quick links to correlate your data with the Internet Storm Center (incidents.org), this app simplifies the analysis process.
Supported log formats include syslog output from Cisco router Access Control Lists (ACLs), Cisco PIX firewall, Snort's portscan.log files, and NetScreen syslog output. To run sensorTrends, you need Apache, PHP4 with GD and MySQL support, PEAR DB, PEAR table.php, JpGraph with basic and extra fonts, Perl 5 with DBI and Getopt::Long, MySQL 3.2X, and your log files.
The latest release features a major update that lets you view trends for TCP/UDP/IP/ICMP, making it easier to pinpoint network vulnerabilities. The Perl parsers have been modified to identify the specific protocol of each log entry and insert it into the correct database table, and the PHP displays have been updated to show the new data.
Overall, sensorTrends is a must-have tool for anyone serious about network security. Its robust feature set and ease of use make it stand out from the competition, and its compatibility with a variety of log formats ensures you'll always have the information you need at your fingertips.
Version 0.6: N/A