[Sguil-devel] sguil-0.3.0 Released
From: Bamm V. <ba...@sa...> - 2003-10-30 21:29:58
All,

Announcing the release of sguil-0.3.0. Get it at http://sguil.sourceforge.net

Sguil (pronounced sgweel) is built by network security analysts for network security analysts. Sguil's main component is an intuitive GUI that provides the analyst with realtime events from snort/barnyard. It also includes other components which facilitate the practice of Network Security Monitoring and event driven analysis of IDS alerts. The sguil client is written in tcl/tk and can be run on any operating system that supports tcl/tk (including Linux, *BSD, Solaris, MacOS, and Win32).

Demo version 0.3.0 by pointing your sguil client to the server at bamm.dyndns.org. Use any username/passwd when prompted.

Some changes/additions include:

* IP address and port lookups using http://www.dshield.org
* A 'wizard' for building queries
* A dialog for storing standard queries
* Export query results to a text file using CSV
* Email RT events based on signature ID and/or classifications
* Auto-categorize events based on filters

Bammkkkk