Squert - A Simple QUEry and Report Tool
Squert is a web application that is used to query and view event data stored in a Sguil
database (typically IDS alert data). Squert is a visual tool that
attempts to provide additional context to events through the use of
metadata, time series representations and weighted and logically grouped
result sets. The hope is that these views will prompt questions that
otherwise may not have been asked.
Requirements
- Sguil 0.9.0 (http://sguil.net). If you use Security Onion (http://securityonion.blogspot.ca), you can get everything set up rather quickly.
- PHP55 with CLI
- mysql
- TCL, TclX
- mysqltcl
- uri
- ftp
- ftp::geturl
- md5
- MySQL client
Reviewed by Zion3R on 12:33 PM