#16 'Email Report' based on AG

2.0x
closed
nobody
Reporting (12)
5
2005-10-03
2005-02-03
Alejandro Flores
No

It would be very nice if we can notify the network
owner of the offending network with a template report,
like:
"Dear Sysadm,

We have detected some abnormal activity comming from
your network. Please, check out the IP: xxx.yyy.zzz.hhh.
Following is the activity detected:

Source IP --- Destination IP --- Event
--- Date/time
x.y.z.h a.b.c.d SSH
Scan 2004-01-02...
x.y.z.h a.b.c.d SSH
Scan 2004-01-02...
x.y.z.h a.b.c.d SSH
Scan 2004-01-02...

Thanks,
Sysadm
--
Report generated on BASE.
http://secureideas.sourceforge.net/
"

Discussion

  • Joel Esler
    Joel Esler
    2005-02-03

    • milestone: --> 467936
     
  • Joel Esler
    Joel Esler
    2005-06-01

    Logged In: YES
    user_id=853584

    Incident Grouping Work

     
  • Joel Esler
    Joel Esler
    2005-06-01

    • milestone: 467936 --> 498397
     
  • Kevin Johnson
    Kevin Johnson
    2005-10-03

    • milestone: 498397 --> 2.0x
    • status: open --> closed
     
  • Kevin Johnson
    Kevin Johnson
    2005-10-03

    Logged In: YES
    user_id=836228

    This will become part of 2.x which is being worked on currently.