Welcome to Automata Digital


March 22, 2007 - Config Correction!

Oops. My documentation was incorrect! Here are the _correct_ DB config instructions, as the dbconfig file is in /thresh/include/dbconfig.conf: (sorry)

Current INSTALL (must read!)


March 21, 2007 - Thresh 1.5.0b Released!

So it appears that several update revisions are missing.. I have implemented _major_ changes to this application and needed to start on a new release number. Read the CHANGELOG for details! Basically, DB queries have been streamlined, there is integrated DB pruning and better browser compatibility. That is just scratching the surface. Download and install and see what you have been missing!


March 15, 2007 - Thresh 1.0.2b Released!

What is Thresh? Thresh is a web-based application to help create Snort(c) threshold and suppression files. For IDS admins out there who have been doing this by hand will thank me when they see this. Thresh will read your Snort(c) database and do a _simple_ count of events. This, in turn, allows the admin to quickly summarize event data and create a threshold or suppression for the false positive. Less false-positives means more accurate threat identification. Period.

The target of this application are Security Engineers (like myself) that have a moderate-to-high level of Linux experience that would like to move this task of tuning on to others who lack Linux experience. I hope this helps.

Thresh is Linux based and written in Perl-CGI. I have tested this on RHEL, CentOS and Fedora. (I do not forsee any issues with other RedHat based distros either, like Mandriva..)

My main method of contact will be SourceForge for now. I will post links soon.


Download Current

Download Thresh 1.5.0b now!


Contact: matt[at]automatadigital[dot]info

Thresh(c) is a registered trademark of Automata Digital

Snort(c) is a registered trademark of Sourcefire, Inc.