Hello Everybody,
I did a (simple) perl script in order to use "Picviz" with "Bro" (it's an
open-source, Unix-based Network Intrusion Detection System (NIDS)).
Here are the parameters i plot : time, src_ip, src_port, src_bytes,
dst_ip, dst_port, receive_bytes, duration, state.
The states are the same Bro is reporting about :
"S0,S1,SF,REJ,S2,S3,RSTO,RSTR,RSTOS0,RSTRH,SH,SHR,OTH", i plot them using 3
groups of colors :
"S0,S1,S2,S3, REJ,RSTO,RSTR" Bro is an open-source, Unix-based Network
Intrusioas "blue"
"SF" as "green"
"RSTOS0,RSTRH,SH,SHR,OTH" as "red"
}
You'll find the files i use at http://www.rootshell.be/~jpli/picviz
"Bro" is available at http://www.bro-ids.org
With regards,
Jean-Philippe.
_______________________________________________
Picviz mailing list
Picviz@wallinfire.net
http://www.wallinfire.net/cgi-bin/mailman/listinfo/picviz
