I'm working on a term project for my grad class where we want to add a column to the BASE interface. Right now, the < Source Address > is only providing us with the Web Proxy IP Address which is useless. The X-Forwarded-For address is the one we need. I have written a PHP script that searches the Data Payload field in the Snort MySQL database based on the cid and sid of the entry. I just have a simple page set up where you enter the sid and cid which will return the X-Forwarded-For address…but we need it to be more user friendly and incorporate it into the BASE interface.
What do you think is the best way to incorporate this into the interface of BASE?
Log in to post a comment.