Project

General

Profile

Feature #2008

Packet display in snort alerts

Added by Dick Nixon almost 9 years ago. Updated about 8 years ago.

Status:
Rejected
Priority:
Normal
Assignee:
-
Category:
Snort
Target version:
-
Start date:
11/15/2011
Due date:
% Done:

100%

Estimated time:

Description

Here's a quick hack to allow optional display of snort alerts packets.
Default is to not display. A checkbox is provided to Show Packets. When the Save button is clicked then the code to display packet contents is activated and a column is added to the page. It overflows the page a bit depending on the theme page background.

It only displays packets from the current run of snort. Previous alert packets are displayed as 'empty'.

Also added a whois lookup from dnsstuff for the source and destination ip addresses.

snort_alerts.php (19.1 KB) snort_alerts.php Dick Nixon, 11/15/2011 08:49 PM

History

#1 Updated by Ermal Lu├ži about 8 years ago

  • Status changed from New to Rejected

Please do this through barnyard or something esle.

Also available in: Atom PDF