snort-rep is a Snort reporting tool that can produce text or HTML output from a syslog file.
Version: 1.10
Operating System: Linux
The reports contain:
· Alert summary by ID
· Alert summary by remote host and ID
· Alert summary by local host and ID
· Alert summary by local port and ID
It is designed for sending daily e-mail reports to system administrators (see snort-rep-mail for an example script that generates daily e-mails). The HTML output contains direct links to the IDS descriptions on whitehats.com.
What's New in This Release:
· release 1.10
· fix off-by-one hour error in syslog parsing when changing from daylight saving time
· support portscan2 (Snort 1.9.0)