Snort IDS Log Analyzer Tool
Real-time collection and correlation of Snort IDS/IPS log and event data
SolarWinds Security Event Manager (SEM) is built to collect, correlate, and monitor log and event data from Snort intrusion detection and prevention systems for Windows and UNIX environments.
You can configure SolarWinds SEM to receive log data from Snort intrusion detection and prevention systems to provide real-time, in-memory, multidimensional correlation and analysis of Snort log data. SEM is designed to support your ability to perform quick and easy compliance reporting as well as forensic analysis on correlated log and event data to more easily determine root cause.
Immediately respond to Snort IDS/IPS log data security events
Whether it’s a threat infiltrating your IT infrastructure or malicious software that’s passed through your firewall, SolarWinds SEM is built to automatically take responsive actions in real time based on the log data from your Snort IDS/IPS with nearly 700 built-in event correlation rules.
Active Responses can provide real-time assurance that each policy-driven event violation, such as behavior patterns or specific internal or compliance-driven policies, gets immediate corrective attention.
SolarWinds SEM’s built-in Active Responses include:
- Sending incident alerts, emails, popup messages, or SNMP traps
- Blocking IP addresses
- Detaching USB devices
- Enabling or disabling users
- Killing processes by ID or name
- Logging users off
- Restarting or shutting down machines
- Starting or stopping services
Interactively search Snort log and event data to troubleshoot issues
SolarWinds SEM can give you advanced IT search functionality that goes beyond simple search and query languages. With SEM, you can effectively perform ad hoc IT searches and deeper forensic analysis by searching a range of data, from high-level events and key terms to specific log details.
Security Event Manager also supports your ability to visually explore data using word clouds, histograms, bubble charts, and tree maps to more easily identify important issues and drill down quickly with a few mouse clicks.
What is Snort IDS?
Snort is a free, open source intrusion detection and prevention system. Snort IDS software can help maintain real-time traffic and logging analysis on networks. Snort is also helpful for detecting types of cyberattacks.
What is Snort IDS log analysis?
Snort IDS log analysis is a tool for exploring your data visually through an intuitive search interface and discovering information with visual search tools that go well beyond ineffective search bars. Snort IDS log analysis can also help search, monitor, and report historical data for compliance and audit.
How does Snort work in SolarWinds SEM?
Snort is included with SolarWinds SEM as an open source application and receives updates when the SEM version is updated. SEM includes a default set of rules that can help get Snort running, but you should always configure rules for your environment.
By pairing Snort IDS with SolarWinds SEM SIEM monitoring tool, you can more easily scale to collect and centralize events generated by Snort and any other intrusion detection applications installed on your network.
Related Features and Tools
- What is Snort IDS?
- What is Snort IDS log analysis?
- How does Snort work in SolarWinds SEM?
- Related Features and Tools
What is Snort IDS?
Snort is a free, open source intrusion detection and prevention system. Snort IDS software can help maintain real-time traffic and logging analysis on networks. Snort is also helpful for detecting types of cyberattacks.
Automated Log Collection, Analysis, & Real-Time Event Correlation
Security Event Manager
- Collecting logs from different sources can feel like herding cats without the right tool.
- Cutting through the noise to quickly get to the logs you need doesn’t have to be difficult.
- Identifying suspicious behavior faster, with less manual effort and less security expertise, is possible.
Starts at
Subscription and Perpetual Licensing options available