SNEZ Copyright (C) 2011-2019 Gene Guinter
SNEZ is free software: you can redistribute
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
SNEZ is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see http://www.gnu.org/licenses/.
Do not allow SNEZ to be accessed from the Internet or an untrusted or insecure network.
SNEZ is a web interface to the popular open source Intrusion Detection Systems SNORT(R) and Suricata. The main design
feature of SNEZ is the ability to filter and classify alerts. SNORT(R) is a registered trademark of Cisco. All rights reserved.
- Filter alerts on a combination of signature, date, IP addresses, and sensor
- Filters can be used to classify alerts; filters are sortable and comments can be edited
- Can set up alerts on various combinations of alerts, addresses, etc. as 'warnings'
- Analysis view of source addresses for most signatures, events, destination ports
- All code is server-side PHP; easy installation with one simple config file and page
- Monitor up/down status of snort and barnyard2 processes
- Packet display and the ability to do a short real-time packet dump
- All activity related to filtering and deleting alerts is logged
- Suppressed/dismissed alerts can be retrieved by overriding filters
- DNS lookup with your favorite DNS lookup sites (configurable)
- Runs on FreeBSD in addition to many Linux distributions including Ubuntu, Fedora, SuSe and CentOS
Most current version is SNEZ 3.1
SNEZ 3.0 highlights: works with both unified2 and JSON outputs; works with Snort 2.9.x, Snort 3.0, and Suricata; expanded view capabilities
SNEZ on Sourceforge- see screenshots; download software, README, and documentation.
Other versions available for download- SNEZ 3.0, 2.3, 2.2, 2.1
Bleeding Edge version- Check back for any future development.
SNEZ Bleeding Edge on Sourceforge
Information about the GNU General Public License can be found at http://www.gnu.org/licenses/
Send comments and inquiries to email@example.com
SECURITY, REQUIREMENTS and PRE-REQS
- While SNEZ is tested with web vulnerability scanners, do not allow SNEZ to be accessed from the Internet or an untrusted or insecure network.
- Snort or Suricata, Apache, MySQL, PHP. Barnyard2 if outputting unified2 format.
README and Installation Instructions on Sourceforge