Manage Snort intrusion detection logs with Log Parser
Source: Syngress
Snort is an open-source intrusion detection system (IDS) used in a wide variety of network environments. It is a lightweight but extremely powerful tool for detecting malicious traffic on your network. However, Snort users quickly learn that reporting is not its strength, and an intrusion detection system is only valuable if you can effectively review and act on the data it produces. Fortunately, Log Parser is a perfect match for managing Snort's intrusion detection logs. In this sample chapter from Microsoft Log Parser Toolkit, learn how to use Log Parser to take snapshots of IDS logs and present them in different, easy-to-read reports. Chapter coverage includes:
- Gathering Snort logs
- Building an alerts detail report
- Building an alerts overview report
- Managing Snort rules
ISBN: 1932266526
Published: February 2005
Authors: Gabriele Giuseppini and Mark Burnett
Chapter: Chapter 5: Managing SNORT Alerts
Published by Syngress Publishing
| Field | Value |
|---|---|
| Format | |
| Size | 918.00 |
| Version | 1.0 |
| Date | Jun 2007 |
| Price | 0.00 |
| Downloads | 1319 |