ACID
The Analysis Console for Intrusion Databases (ACID) is a PHP-based analysis engine to search and process a database of incidents generated by security-related software such as IDSes and firewalls (e.g., Snort or ipchains). It provides a search interface for finding alerts matching practically any criteria. This includes arrival time, signature time, source/dest address/port, flags, payload, etc. ACID also provides the ability to annotate and logically group related events, delete false positives, or archive alerts among databases. Finally, a variety of statistics and graphs can be generated based on time, IP address, ports, alert classification, and sensor.
| Tags | Security Networking Monitoring |
|---|---|
| Licenses | GPL |
| Operating Systems | OS Independent |
| Implementation | PHP |
Recent releases
- 27 Jul 2001 17:41
No changes have been submitted for this release.
