
snortalog

Snortalog is a powerful Perl script that summarizes Snort logs, making it easy to view any network attacks detected by Snort. It can generate charts in HTML, PDF, and text output. It works with all versions of Snort, and can analyze logs in three formats: syslog, fast, and full snort alerts. Moreover, it is able to summarize other logs like CheckPoint, Netfilter, IPFilter, Packet Filter, Cisco PIX/ASA, NetScreen, TippingPoint, and Lucent BRICK in a similar way.


Last announcement

The SnortALog's TEAM is back to improve your best tool 06 Jan 2011 21:44

The SnortALog's TEAM is back to improve your best tool. Because the log syntax is important, we need you to provide us with a large variety of Snort logs and to contribute so that Snortalog is and stays up to date. Thanks in advance for sending us your contributions at the email address jeremy.chartier@free.fr

Recent releases

  •  29 Mar 2011 15:36

    Release Notes: This release brings new features like TippingPoint, Netscreen, and CheckPoint R70 & R71 logs detection. The GUI works with the latest GD libraries to improve Windows compatibility.

  •  02 Apr 2007 19:58

    Release Notes: This release brings new features like CHECK POINT VPN-1 log detection with the "fw log -n" and "fw tab -t connections -f -m 25000" commands. CISCO PIX log detection has been enhanced (syslog datagram), and Russian language support has been added.

  •  25 Jan 2007 13:00

    Release Notes: This new release brings improvements and bugfixes. The major ones are enhancement of CISCO Pix log detection, new reports for firewalls, and color bug correction in graphs. A new feature is the possibility of working with JUNIPER NetScreen logs.

  •  26 Sep 2006 13:54

    Release Notes: This release brings new features like JUNIPER NetScreen logs detection and new reports for Firewall. Improvements include GUI and Cisco PIX log detection. A bug in graph color was corrected.

  •  01 Dec 2005 15:27

    Release Notes: This release brings a lot of big enhancements. The major ones are code enhancement. The code was totally revisited to improve performance. The engine doesn't need swap and can now work with huge log files. The memory process and performance aren't amazing. Moreover, an HTML output feature was added and the GUI brings very appreciable new functionality. Snort 2.4 and Pix log detection were improved. Snort Barnyard and Lucent Brick log detection were added.
