I use snortsnarf [ http://www.silicondefense.com/software/snortsnarf/ ] to generate HTML reports from Snort and just put the files on an internal webserver so that interested parts can have a look.
Don't know if it's quite what you need. On Mon, 2002-06-03 at 03:29, michaelian ennis wrote: > I have four PIX firewalls that I manage I also have one FreeBSD IDS (Snort > -> MySQL -> ACID). I have recently gotten to the point where I need to > centralize the monitoring. I have two Network Monitoring systems One is > > Win2K which runs CiscoWorks 2k Routed WAN and SolarWinds Bandwidth Monitor, > then another > Red Hat 7.1 running MRTG, Apache and various perl scripts I use for rolling > out changes to the Network. > > I am considering adding an Free(or Open)BSD IDS at every firewall and was > thinking of using each as a local syslog server as well, but my staff needs > an easy GUI for sorting through syslog messages to debug PIX problems. > > I would like to maintain a syslog server/IDS at each site and have the > syslog messages collected in a central location where a windows based tool > can be used to filter through all the entries at once. I do want each site > to have its own copy of the local syslog messages incase the WAN goes down > but I do not want the staff to have to connect to each individual server. > > > Any suggestions? > -- Atentamente, Nuno Branco Markdata - Informa��o para Gest�o, Lda. R. Padre Lu�s Apar�cio, n.� 10 - 3� 1150 - 248 Lisboa PORTUGAL http://www.markdata.net http://www.mediamonitor.pt
