SAM is a program to monitor (in real time) the number of alerts generated by Snort. Having recently set up Snort and ACID, I felt like there was something missing.
Snort was great for identifying suspicious traffic and ACID was great for digging into the details, but I needed something that gave a little higher-level overview and was able to sound alarms if certain conditions were met,
for instance if I was attacked 100 times in a 5-minute period. SAM does not replace Snort or ACID but rather it complements them.
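
The kind of condition described above (100 alerts within a 5-minute period) can be checked with a sliding-window counter. This is an added example, not SAM's own code: it assumes the input is Snort's `alert_fast` text layout in chronological order, takes the year from the caller because that layout omits it, and uses hypothetical function names and constructed sample lines.

```python
import re
from collections import deque
from datetime import datetime, timedelta

# Leading timestamp of a Snort alert_fast line: MM/DD-HH:MM:SS.uuuuuu (no year).
TS_RE = re.compile(r"^(\d{2}/\d{2}-\d{2}:\d{2}:\d{2}\.\d{6})\s")

def parse_ts(line, year):
    """Return the alert time, or None for lines that are not alerts."""
    m = TS_RE.match(line)
    if not m:
        return None
    return datetime.strptime(f"{year}/{m.group(1)}", "%Y/%m/%d-%H:%M:%S.%f")

def first_breach(lines, limit=100, window=timedelta(minutes=5), year=2024):
    """Time at which `limit` alerts fell inside one sliding `window`, else None."""
    recent = deque()
    for line in lines:
        ts = parse_ts(line, year)
        if ts is None:
            continue
        recent.append(ts)
        # Drop alerts that have aged out of the window ending at ts.
        while recent[0] <= ts - window:
            recent.popleft()
        if len(recent) >= limit:
            return ts
    return None

def make_alerts(count, spacing_s, start=datetime(2024, 3, 14, 10, 0, 0)):
    """Constructed sample lines; addresses are documentation ranges."""
    out = []
    for i in range(count):
        t = start + timedelta(seconds=i * spacing_s)
        out.append(t.strftime("%m/%d-%H:%M:%S.%f") + "  [**] [1:1000001:1] "
                   "constructed test alert [**] [Priority: 2] {TCP} "
                   "203.0.113.7:4444 -> 192.0.2.10:80")
    return out

if __name__ == "__main__":
    print(first_breach(make_alerts(100, 2)))   # burst: threshold reached
    print(first_breach(make_alerts(100, 6)))   # same count, too spread out
```

A sliding window catches a burst that straddles a clock boundary, which fixed 5-minute buckets would split into two counts that each stay under the limit.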
- Add database table prefix
- Add MaxMind's database
- Add style to the user's table
- Nagios check not correctly providing perf data
- Removed redundant ARIN link on events page
- Add preference page to iPhone site
- Add ability to map where threats are coming from
- Add authentication
- Add country code to IP addresses on the dashboard
- Color code priority