202
Chapter 6     Using ACID and SnortSnarf with Snort
mysql> 
show tables;
+                  +
| Tables_in_snort  |
+                  +
| acid_ag          |
| acid_ag_alert    |
| acid_event       |
| acid_ip_cache    |
| data             |
| detail           |
| encoding         |
| event            |
| flags            |
| icmphdr          |
| iphdr            |
| opt              |
| protocols        |
| reference        |
| reference_system |
| schema           |
| sensor           |
| services         |
| sig_class        |
| sig_reference    |
| signature        |
| tcphdr           |
| udphdr           |
+                  +
23 rows in set (0.00 sec)
mysql>
The first four tables in the list show the newly created ACID tables.
6.4 SnortSnarf
SnortSnarf is another tool to display Snort data using a web interface. It is available
from its web site at http://www.silicondefense.com/software/snortsnarf/index.htm.
Basically it is a Perl script and you can run it after downloading without going through
any compilation process. It can parse Snort log files as well as extract data from
MySQL database. The following command parses 
/var/log/snort/alert
 file
and places the newly generated HTML files in the 
/var/www/html/snortsnarf
directory where they can be viewed later using a web browser.
snortsnarf.pl /var/log/snort/alert  d /var/www/html/snortsnarf






footer




 

 

 

 

 Home | About Us | Network | Services | Support | FAQ | Control Panel | Order Online | Sitemap | Contact

toronto web hosting

 

Our partners: PHP: Hypertext Preprocessor Cheap Web Hosting JSP Web Hosting Ontario Web Hosting  Jsp Web Hosting

Cheapest Web Hosting Java Hosting Cheapest Hosting

Visionwebhosting.net Business web hosting division of Vision Web Hosting Inc.. All rights reserved