Introduction
Snort Management Reports is a configurable reporting application that can be run against any Snort™-compliant database
to analyse it and deliver the results as a Portable Document Format (PDF) report.
Snort™, an Open Source Intrusion Detection and Prevention System, now benefits from a high-quality management reporting tool. Alert Management Reports is a robust and configurable
reporting solution that can provide a strategic view of your company's security performance.
Configurable
Alert Management Reports can either draw a high-level statistical overview of your incident database or be
configured to do a detailed analysis of your security traffic for each day of the report period. This flexibility
allows the administrator to use the report to measure weekly performance, and tracking the variance of the data
in the report can alert you to anomalous activity that needs deeper investigation. You can therefore use
Management Reports as a security dashboard to keep an eye on your security posture and to investigate in
more detail if an anomaly is detected.
The application can be configured to include any of a range of specific types of data, from graphs of events vs. time
to summarised and/or detailed listings of the IP addresses and port numbers of alert packets.
Extensible
Alert Management Reports can easily be extended to provide answers to questions that
are of specific interest to your organisation. These queries can be anything ranging from custom views of data returned by
existing queries to complex data mining operations on historical data.
Sample report
Please download a sample report from our product documentation section.
Open Source version
CounterSnipe has released Alert Management Reports as an Open Source product under the LGPL.
You can download the product as a tar.gz file and install it, or you can download our debianized packages.
Click here to read the product installation readme.
Download
You can download the product from here.