3. PHP script to create OTRS abuse tickets by snort alerts triggered

PHP script to create OTRS abuse tickets by snort alerts triggered

  • ?

    Thought to share this, as it may be useful to somebody else.

    It's a simple php script to automatically create OTRS tickets (mostly for Abuse depts) via its RPC API when snort triggers a specified alert.
    The idea came to my mind because we got sick of creating hundreds of abuse tickets for certain intrusion attempts on a daily basis.

    The script is not limited to but can be used in combination with the Cron package on pfSense to completely automate the process.
    Abuse contacts for a certain ip address are queried via dns from abusix.org.

    Note:  Requires the php56-xmlrpc module which can be installed via freshports on pfsense.

    Link: https://gist.github.com/dschallert/fa0870a252f8326d5d8663af27adc362

    Maybe I will develop a more general purpose IDS/IPS alerting module for pfSense with various options soon.

    Suggestions are greatly welcome.

    Thanks

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy