December 7th, 2004, 15:01
Announcing the release of sguil version 0.5.3.

Additions include the ability to import and query nessus reports, text
search for transcripts, and much pertifying and bugfixing. Full
changes/updates can be found here [0].

Sguil (pronounced sgweel) is built by network security analysts for
network security analysts. Sguil's main component is an intuitive GUI
that provides realtime events from snort/barnyard. It also includes
other components which facilitate the practice of Network Security
Monitoring and event driven analysis of IDS alerts. The sguil client
is written in tcl/tk and can be run on any operating system that
supports tcl/tk (including Linux, *BSD, Solaris, MacOS, and Win32).

More information about sguil and NSM can be found in Richard
Bejtlich's [0] book, "The Tao of NSM" [1]. Chapter 10 gives awesome
insight into using sguil and is available online [2].

I'll have the demo server ( upgraded soon for
those who want to go for a test drive. As always, more information
and help can be found via the mailing lists or in #snort-gui on

</shameless plugs>

Happy Holidays!


sguil - The Analyst Console for NSM