Re: Snort and Mysql for statistics purposes

[Jose Maria Lopez Hernandez <jkerouac () bgsec com>]

El mar, 08-03-2005 a las 18:05 -0600, David Jiménez Domínguez escribió:
> Hi folks!
>
> I need to graph all the traffic in my network (Top ports, Top src_ip,
> Top attacks) each 5 minutes...In the DataServer I have intalled Mysql
> and in the firewall I have installed snort-2.3.0 and I created just 4
> rules to get all the tcp,udp,icmp and ip traffic in order to graph it
> with perl and rrdtool and post it in a web page....
>
> Do you think it is the best way to do that???
> Have your ever done something like that?? What tools do you recommend me??

If you are gonna make changes frecuently to the system and
you want to have it all well configured you can also try
Cacti, that it's a frontend to rrdtool where you can integrate
your own scripts.

> Regards 
>
> DJ

Regards.

-- 

Jose Maria Lopez Hernandez
Director Tecnico de bgSEC
jkerouac () bgsec com
bgSEC Seguridad y Consultoria de Sistemas Informaticos
http://www.bgsec.com
ESPAÑA

The only people for me are the mad ones -- the ones who are mad to live,
mad to talk, mad to be saved, desirous of everything at the same time,
the ones who never yawn or say a commonplace thing, but burn, burn, burn
like fabulous yellow Roman candles.
                -- Jack Kerouac, "On the Road"




-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_ide95&alloc_id396&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users