Overclock.net › Forums › Software, Programming and Coding › Networking & Security › Best web GUI for Snort IDS?
New Posts  All Forums:Forum Nav:

Best web GUI for Snort IDS?

post #1 of 8
Thread Starter 
I have Snort set up and I'd like a GUI that offers a simple summary while allowing for a detailed 'drill down' if required.

I've noticed there's a few different ones, and I've played around with some demos, but I'm still not really sure which to lump for.
post #2 of 8
Thread Starter 
Anyone? frown.gif
post #3 of 8
Doesnt Snort come with a GUI itself?

Another option is have the snort loggs pared by something like OSSEC then parse them with Analogi
Escobar
(9 items)
 
Supercomputer ^_^
(13 items)
 
 
CPUMotherboardGraphicsRAM
1055T M4A88T-D EVO USB3 ATI 6850 4 GB 
Optical DriveOSMonitorKeyboard
DVD RW Windows 8 Pro lp1900 + 2 X 15 inch dell Microsoft Comfort Curve 
PowerCase
600watt thermaltake antec 200 
  hide details  
Reply
Escobar
(9 items)
 
Supercomputer ^_^
(13 items)
 
 
CPUMotherboardGraphicsRAM
1055T M4A88T-D EVO USB3 ATI 6850 4 GB 
Optical DriveOSMonitorKeyboard
DVD RW Windows 8 Pro lp1900 + 2 X 15 inch dell Microsoft Comfort Curve 
PowerCase
600watt thermaltake antec 200 
  hide details  
Reply
post #4 of 8
Thread Starter 
Quote:
Originally Posted by Ulquiorra View Post

Doesnt Snort come with a GUI itself?

Another option is have the snort loggs pared by something like OSSEC then parse them with Analogi
snort is purely CLI. There maybe some GUIs that ship with snort appliances, but this is something I'm building from scratch.

By default, snort outputs to a binary log, so an interface of some description is required if you want to analyse that data. (Though I think snort does ship a command line utility for reading the logs)
post #5 of 8
Learning Snort has been on my to-do list for a long time... We should make GUI like that. Make it an OCN project smile.gif
post #6 of 8
The only GUI I've ever seen is the one used by Sourcefire. Obviously you won't get that for free though. smile.gif
post #7 of 8
Thread Starter 
Quote:
Originally Posted by The Hundred Gunner View Post

Learning Snort has been on my to-do list for a long time... We should make GUI like that. Make it an OCN project smile.gif
that's a nice idea in theory but there's already about a dozen different GUIs around. The problem I'm having is too much choice rather than a lack of. Plus the amount of work required to get anything up to the sort of level as the competition just wouldn't make it worth our time.
post #8 of 8
Last time I used snort in anger I used BASE

http://sourceforge.net/projects/secureideas/

Easy enough to setup and use.
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Networking & Security
Overclock.net › Forums › Software, Programming and Coding › Networking & Security › Best web GUI for Snort IDS?