GKrellM-snort 0.3 is out!

With a single process, GKrellM manages multiple stacked monitors and supports applying themes to match the monitors' appearance to your window manager, Gtk, or any other theme (from the GKrellM readme file).

It also supports plugins, and on this page you can find a plugin written by me: GKrellM-snort.

GKrellM’s own website is at: http://www.gkrellm.net

About GKrellM-snort:

I found it quite boring to look at those snort logfiles. This plugin monitors the SNORT alert file (/var/log/snort/alert).

The first line displayed is a ticker showing the last alert.
The second one shows the time and the date of the last alert.
The last one shows the time since the last alert.

To get this plugin to work, you’ll have to:

  • make the snort alert file readable by the user
  • configure snort to write its alerts in fast alert mode to /var/log/snort/alert
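
The three display lines described above can be derived from a fast-alert file as sketched below. This is an added Python illustration, not the plugin's own code; the function names, the sample alerts and the fixed clock are constructed for the example, and it assumes Snort's default fast-alert timestamp, which carries no year.

```python
import re
from datetime import datetime
# Snort fast alert mode writes one alert per line:
# MM/DD-HH:MM:SS.usec  [**] [gid:sid:rev] msg [**] [Classification: ..] [Priority: n] {PROTO} src -> dst
FAST_RE = re.compile(
    r"^(?P<ts>\d\d/\d\d-\d\d:\d\d:\d\d\.\d{1,6})\s+"
    r"\[\*\*\]\s+\[\d+:\d+:\d+\]\s+(?P<msg>.*?)\s+\[\*\*\]"
    r"(?:.*?\[Priority:\s*(?P<prio>\d+)\])?")

def parse_fast_alert(line, now):
    """Return {'when', 'msg', 'priority'} for one fast-alert line, or None."""
    m = FAST_RE.match(line)
    if not m:
        return None
    # The timestamp carries no year: try the current year, then the previous
    # one, so a December alert read in January is not dated in the future.
    for year in (now.year, now.year - 1):
        try:
            when = datetime.strptime(f"{year}/{m['ts']}", "%Y/%m/%d-%H:%M:%S.%f")
        except ValueError:  # e.g. 02/29 combined with a non-leap year
            continue
        if when <= now:
            prio = int(m["prio"]) if m["prio"] else None
            return {"when": when, "msg": m["msg"], "priority": prio}
    return None

def last_alert(lines, now):
    """Last parseable alert; blank or half-written lines are skipped."""
    found = None
    for line in lines:
        found = parse_fast_alert(line.strip(), now) or found
    return found

def monitor_lines(alert, now):
    """The three values the plugin shows: message, date/time, time since."""
    secs = int((now - alert["when"]).total_seconds())
    since = f"{secs // 3600}:{secs % 3600 // 60:02d}:{secs % 60:02d}"
    return [alert["msg"], alert["when"].strftime("%m/%d %H:%M:%S"), since]

# Constructed sample file content (not from a real sensor); last line is truncated.
SAMPLE = """\
12/31-23:59:30.000001  [**] [1:1000001:1] ICMP test [**] [Classification: Misc activity] [Priority: 3] {ICMP} 192.0.2.10 -> 192.0.2.1
12/31-23:59:50.500000  [**] [1:1000002:2] Example scan [**] [Priority: 2] {TCP} 192.0.2.10:4321 -> 192.0.2.1:22
01/01-00:00:05.2500
"""

if __name__ == "__main__":
    now = datetime(2024, 1, 1, 0, 5, 0)  # fixed clock so the output is repeatable
    print(monitor_lines(last_alert(SAMPLE.splitlines(), now), now))
```
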

You can see a screenshot of GKrellM-snort in action on the right.

Author: Anthony Garnier, opentony [at] free.fr (download the associated GPG public key).

ToDo list:

  • Code cleanup.
  • Configuration panel.
  • Make gkrellm-snort play a sound when an alert occurs.
  • Fix the ticker speed.
  • Create an « about » panel.
  • Multilanguage support.
  • Display the time and date of the last alert.
  • Make the log scroll when holding mouse button.
  • Color depending on the priority.
  • Blinking text during the first x seconds of the alert.
  • And many things ….

Changelog:

  • 0.3: fixed memory leak (malloc’s fault, not mine ;) ).
  • 0.2: GKrellM-snort now displays the date and time when the last alert occurred.
  • 0.1: first release of GKrellM-snort.

Download:

  • GKrellM Snort plugin 0.3 (tar.gz)
  • GKrellM Snort plugin 0.2 (tar.gz)
  • GKrellM Snort plugin 0.1 (tar.gz)

Plugins on this page are free software released under the GNU General Public License. Feel free to e-mail me with comments, questions or suggestions.
