Snort GUI
There is one question that people tend to ask once they start learning to use Snort. Is there a Snort GUI?
There are several different options if you want a GUI for Snort. Here is a quick table:
| ACID | Very old web interface |
| BASE | Replacement for ACID, also old and abandoned, still good though, PHP based |
| Snorby | Another web interface for Snort, also abandoned, uses Ruby on Rails |
| OSSIM | From AlienVault, now owned by AT&T Cybersecurity |
| PLACID | Phil Loathes ACID, text based interface to look at Snort events |
| SGUIL | TCL GUI, heavy weight solution |
| Splunk | Not specifically a Snort GUI but can be used as one |
| Grafana | Not specifically a Snort GUI but can be used as one |
| Snowl | I only recently discovered this. It doesn’t look free but I haven’t looked into it yet. |
Snorby
Snorby can still be found on Github here: https://github.com/Snorby/snorby
It looks like their original domain ( snorby.org ) is now owned by some hosting provider who is selling it for over $2000 (it is probably worth that or more). If you try to go to the site it will redirect you to one of server random, spammy domains that try to trick you to download junk software.