Statistics module Suricata/Snort??
-
Would it be possible to create a statistics module that details whatever is in the logs?
Like:
Alerts/blocks per day/week/month/quarter/year?
Most alerts/blocks per rule per IP/alias?
Things like that.
-
There are several third-party tools available that do things like that (including fancy charts). Check out an ELK or Grafana setup.
Here is a link to a recent thread posted by @kiokoman detailing his Grafana setup: https://forum.netgate.com/topic/156330/pfsense-firewall-and-suricata-log-to-grafana-with-logstash-worldmap-panel.