snort-rep is a Snort reporting tool that can produce text or HTML output from a syslog file. The reports contain:
It is designed to be used for daily e-mail reports to the system administrators All reports contain priority information (if used with Snort 1.8+) and the HTML output contains direct links to the IDS descriptions of whitehats.com.
An example script to rotate the snort logfile, create text and html reports and send the result to root via e-mail is also included.
See an example report: text or HTML.
Download it here.
This script has been tested on Solaris 2.6.
Return to my Homepage