README file for SnortSnarf v062000.1
------------------------------------

Welcome to the release of SnortSnarf v062000.1
(http://www.silicondefense.com/snortsnarf/).  This program creates a set of
HTML pages to allow you to quickly and conveniently navigate around output
files of the Snort intrusion detection system (http://www.snort.org/).

Included in this release is:

snortsnarf.pl   -- the main SnortSnarf program
Usage           -- information on using SnortSnarf 
COPYING         -- GNU General Public License (the license for this release)
Changes         -- Changes since previous versions
README          -- this file
new-annotation-base.xml -- an empty annotation base
cgi/            -- directory containing CGI scripts for SnortSnarf
include/        -- directory containing files included by SnortSnarf
utilities/      -- directory containing utilities for SnortSnarf
nmap2html/      -- directory containing nmap2html files
sisr/           -- directory containing SISR files
sisr/cgi/       -- directory containing CGI scripts for SISR
sisr/include/   -- directory containing files included by SISR
sisr/modules/   -- directory containing SISR Pipeline modules


To run SnortSnarf:
   snortsnarf.pl <options> <file1 file2 ...>
   
See Usage and the top of snortsnarf.pl for information about the source
files, the options, and what is generated.  See the top of the utility
scripts for their documentation.  See README.nmap2html for information about
nmap2html and README.SISR for information about SISR.

This should run under most varieties of Unix.  Versions have been known to run
on OpenBSD and RedHat Linux.

snortsnarf.pl runs under Windows NT.  The CGI scripts, the annotation
feature, IPAddrContact, and nmap2html have not been tested but are expected
to work (let us know if you try them).  The file and directory utilities in
the utilities directory are not especially useful under Windows and have not
been tried.  SISR will not work under Windows.


Installation (minimal)
----------------------
Copy the contents of the include directory to someplace where it will be
found when snortsnarf.pl is run.


Installation (annotations)
--------------------------
If you wish to use the annotations feature of SnortSnarf, you will need to:
  +  place the contents of the cgi directory in a directory where it
  will be executed by your web server as a CGI script, e.g., in your "cgi-bin"
  directory.
  +  place the contents of the include directory where it will be found when
  CGI scripts run and when snortsnarf.pl is run (e.g., your "site_perl"
  directory)
  +  set up a directory to store the annotations in persistantly, e.g., by
  running the setup_anns_dir.pl utility or copying new-annotation-base.xml to
  a directory (giving it an appropriate name) and setting up the permissions
  +  if needed, install the XML::Parser Perl module
(See also the "Annotations" section of the Usage file.)


Installation (SISR)
-------------------
Follow one of the installation directions above plus the installation
directions in README.SISR.


Contributions
-------------
We welcome your complaints, kudos, and especially improvements and bugfixes.  
We wish for this to be a useful as possible, so your feedback and assistance
is important.  You may reach us at hoagland@SiliconDefense.com.

Thank you and happy SnortSnarfing!

-- Jim Hoagland (hoagland@SiliconDefense.com)
   Stuart Staniford (stuart@SiliconDefense.com)
   Joe McAlerney (joey@SiliconDefense.com)
