14-03-2003 23:04: Send an email to Brian Caswell asking if he would want a copy of the script.
15-03-2003 02:01: Brian wants it, but then I need to do comments in the code. Jesus, I had that.
15-03-2003 02:30: Need to rename the User Defined Functions, the GetXRef stuff where testing functions that suddenly became the real ones. I'll do that when I've finished the "linking to sig_sid to http://www.snort.org/snort-db/sid.html?sid=".
15-03-2003 02:30: Brian talks about licensing the code. How do one do that ? ...
15-03-2003 03:22: That was easy. Now snort.asp also links to snort-db by sig_sid.
15-03-2003 14:25: There. Found a template for a license i like. The BSD license
16-03-2003 03:31: There. Optimised the userdefined functions, renamed them, and implemented CountryCodes. ( se the exsample. Neat eh'? ... ) and did som major optimising in the asp code. ( it was needed. If you had more than 200 probes the script took forever to complete. )


Okey, this is my first time making code public, so don't expect to much.

Tested with both MSDE and MS Sequel Server Developer edition
Setup snort on you'r system.

Follow the guides on how to log to a ms-sql server.
( I had a hell of a good time, trying to figure out that snort uses ISQL and therefore, can not connect to a SQL instants running on a custom port, so a good advice. Test that everything works, by trying to connect to you SQL server with ISQL, before posting to the forums :) )

Unzip c:\snort\contrib\snortdb-extra.gz in implement it in you're database.
( remember to do a search and replace on \' to ''. I had some trouble loading the whole crush, so try splitting the file up. 15-20 files should do it .. he he he he )

Open SQL Query analyser and run this
create_snort_fn.sql

Fire up under snort, and se that everything works. Try open a browser and request null.ida, to see that snort logs to the database.
Then, modify Connection String in snort.asp.
If you have as much trouble making connection strings on the fly, as me. Try this trick.
Right click on desktop. Create a Text document. Rename the document to Test.udl . Say yes to the popup. Double click the file, and follow the 3 easy steps for creating an connection. Open the text file in notepad, and theres you're connection string :)

That should be it ?
Thers no support on this, but I'm open to suggestions on improvements. If somebody loves documenting code, I'd love to implement you're comments in the code ( are there really people that likes that, besides my boss ? )

Allan Zimmermann
http://msluder.dk/snort_reporter
TCP.IP component used for DNS resolving can be downloaded her.here
Download: snort_reporter
Exsample: snort_reporter
SnigerOsten at Chatportal.dk