Archive for September 16th, 2007

behind the scenes with snort – part 1

Sunday, September 16th, 2007

Today I am performing some maintenance on my Snort IDS, and also practicing for my upcoming Snort CP exam. We shall examine some scripts and applications that can be used to make Snort a little more automated and transparent to the administrator, as well as increase Snort’s overall performance. What I’d like to focus on today is oinkmaster and crontab.

This post, however, assumes that you already have Snort installed and are advanced enough to understand your IDS. I am not going to cover the installation of Snort at this time. Today I am just going to cover some automation and performance.

Let’s get ready to Snort it up.
