Take a look at my site, www.manntechcomputersinc.com. We have developed a visualization tool for PIX/ASA and Snort. It maps IP to geographical locations: countries (source or destination), anonymous proxies, sat providers, regions etc. We represent countries by flags and allow users to add their own icons. I'd be interested to hear what people think....


2.0
I have added a 2.0 version. We now incorporate the organizational and lat/long data. We've added a world map and a timeline feature. The timeline allows searches for the last hour. I think it's pretty good for traffic analysis as the filters are pretty powerful.
True to my word, we've made 1.0 a free download now that we have 2.0 up and running.
You can download this "lite" version (has no world map, timeline, Microsoft Windows or organizational data) here:
http://www.manntechcomputersinc.com/Demo_Page.html
Click on the free download link.....
Update
I've now updated SOI to do Microsoft Windows syslog (Event Viewer) as well. I use Snare open source Event Viewer to syslog from InterSect Alliance. I have also updated my subscription for the geographical data... we will now be able to map IP to ISP/City/LAT/LONG/Organization (I like that one in particular)... We have a timeline and a global map in the pipeline... Oh and we also added video and audio alerts... could be useful for creating a training aid... I hope to create a "cut down" version that will be open source...