Content Comparison

Snare Central provides several layers of increasing flexibility. Although a majority of Snare Central customers will be fully comfortable with creating objectives in the user interface, there are also opportunities for advanced users to change the way that Snare reports data.

...

Change the colour of an entire row, based on the content of the row.
Change the colour of a particular field, based on the content of the field, or the content of a row element.
Change the content of a field, based on the previous content of a field, or the content of a row element.

Info

title	Example

For Windows Security logs, use the USERNAME field to scan for the user in question in the corporate personnel directory. If the user exists, append an image link, so that the user's personnel photo is displayed alongside the user name.
When an account is created on a Windows server, highlight the user name in green. When an account is removed, highlight the user name in red.
For PIX firewall events that indicate a packet has been blocked, highlight the entire row in red.

Output modification modules should share the same name as the field, or Token, for which they are designed to modify, but in uppercase characters, and appended with ".php". So, for example, if you wished to create an output modification module for the 'USERNAME' field, you would create a file called 'USERNAME.php'.

...

Version	Old Version 3	New Version Current
Changes made by	Leigh Purdie	Andrew Madge
Saved on	Sept 05, 2019	Dec 04, 2019

Versions Compared

Key