SAM - Snort Alert Monitor / News: Recent posts

The more I looked at SAM the more I realized that it has strayed off course of it's original goal of being a lightweight real-time Snort monitor so I decided to start working on a new project and keep it more focused. The result of this new project is SAM Jr. Some of the ideas that have resulted from the new interface have been implemented into SAM, but only where it makes sense.

SAM Jr .1 was released on SourceForge yesterday. To find out more about SAM Jr you can browse over to it's main home at http://freesoftware.lookandfeel.com/samjr/ or go to it's SourceForge home at http://www.sf.net/projects/samjr/.... read more

SAM has been mentioned in two seperate books. SAM is mentioned on several pages in both Snort 2.1 and Snort for Dummies. Check them out at your local bookstore.

The latest release fixes an issue that didn't allow SAM to work with MySQL 4.1. Also two new graphs have been added to the main screen. See the screenshots section for a view of the new graphs.

After quite a long time with no progress there is finally a new release thanks mostly to our new developer Eric. Some of the changes include PostgreSQL support, automatic hostname lookups, extended attack info and filters. Check out the latest round of improvements today!

The Snort Alert Monitor project would like to welcome a new developer. Eric Internicola is joning the Snort Alert Monitor team and has already made significant enhancements to SAM. These new changes will be avaialable shortly. Thanks for all your help Eric!

It's been quite a while since a new version of SAM has been released, but a new release will be forthcoming shortly. Some of the new features included in the new release are the ability to monitor multiple sensors, purge alerts from the database and get more details about a specific alert. If you have additional features you would like to see please add them to the feature request section. Thanks.... read more

Version 2002-08-26 has just been released. This is a highly recommended upgrade for any one using SAM. It includes many enhancements including a new right click menu that allows you to see the Fully Qualified Domain Name of both the source and destination of alerts. Also, includes many speeds up and a new progress bar to provide feedback on database queries. Enjoy!

I have received a request for some documentation so I have put together some quick documentation that should help people getting started. Documentation is available at http://freesoftware.lookandfeel.com/sam/documentation/.

This initial documentation is very rough (and I'm not great at documentation anyway) so if some one would like to clean it up I would very much appreciate it.

Sam

Fixed a bug that prevented SAM from running on Mac OS X.

The initial version of SAM has been released. This first release is mostly a working prototype. There is LOTS of work that needs to be done under the hood, but I wanted to get it out so that people can start using it and giving feedback. We have been using it where I work for several weeks now and it's been working great for us. Please let us know your thoughts and suggestions.

Sam