There's a tcl script added to sguil which is not much be used yet - incident_report.tcl, it resides in /usr/local/stow/sguil-0.6.0p1/server/contrib if you use my Sguil Vmware Image, this script really fills the part of sguil where you can't generate a nice report for the incidents. Using incident_report.tcl, you can generate the report by just running the command below.
With that I have generated the IR_report.html and this is good since I guess most of the companies require you to send or submit reports when you are performing your task, that should be it. You can generate the html report by specifying the starting and ending date as well, however other options that you can define, I just leave it for you to figure out.
Enjoy the screenshots :]
shell>/usr/local/stow/sguil-0.6.0p1/server/contrib/incident_report.tcl --outfile IR_report.html
With that I have generated the IR_report.html and this is good since I guess most of the companies require you to send or submit reports when you are performing your task, that should be it. You can generate the html report by specifying the starting and ending date as well, however other options that you can define, I just leave it for you to figure out.
Enjoy the screenshots :]
No comments:
Post a Comment