Thresh 1.5.0b

LICENSE TYPE: GPL (GNU General Public License)
DEVELOPED BY: Matt Deren
HOMEPAGE: sourceforge.net
Thresh is an application for Snort that manages alert thresholding and suppression. It was designed to assist the administrator with tuning one or more Snort sensors. The project was designed to run under Red Hat flavors of Linux.

It summarizes Snort alerts by alert count, allows creation and editing of threshold.conf files, prunes your Snort database based on your tunings, and allows you to preview your alert suppressions before deletion.

What's New in This Release:

DB queries were corrected.
Database pruning based on suppression sets was added.
A major code cleanup was undertaken.
All errors with signature name queries were corrected along with all read/write calls to config files.
The number of 'floating' variables between POSTs on all pages was reduced.
Descriptions were added to description boxes.
Rule edit/delete options were added.
Issues with alert counts were corrected.
A cool way was devised to do CIDR block DELETEs and SELECTs in MySQL.

Last updated on March 26th, 2007
