Contributed by jose on from the integrated-security dept.
"I know there are quite a few XML tutorials on O'Reilly and excellent man pages for pf logging, but I am wondering if anyone has written some tool to convert (offline or separate process) PF logs to XML? Would such work be useful? If combined with Snort's XML, then we can have a smarter look at security events. It shouldn't be too hard to write a pflog reader which outputs XML (possibly sending it to another system for alerting). Has anyone done this?
Many companies are promising the definitive correlation engine/intrusion prevention, and I want to know if it is time for an open source initiative? In other words:
I need your tips on what to do after I finished analyzing Snort's XML :)"