|
CommSTAT
|
CommSTAT provides a means to create
secure connections between STAT components. CommSTAT
connections are used to exchange control messages and
information, e.g., alerts. Data sent through CommSTAT
connections is formatted according to the IDWG's Intrusion
Detection Exchange Message Format (IDMEF). The library uses
SSL.
|
|
STAT Proxy
|
The STAT proxy acts as an intermediary between a
STAT-based application and the MetaSTAT controller. A STAT
proxy is responsible for maintaining a host-based repository
of STAT modules.
|
|
Controller
|
The controller maintains connections to
the deployed STAT proxies and provides a user interface that
allows an operator to issue control messages to STAT-based
applications.
|
|
Collector
|
The collector gathers IDMEF alerts from
the deployed STAT-based sensors and stores them in an alert
database.
|
|
Viewer
|
A Java application that
provides a graphic user interface for browsing the alerts
stored in the centralized alert database.
|