#!/usr/bin/perl -w
#
# sumalerts
#
# Summarize snort alerts for nmap related scans
# Use /var/log/snort/alert for input to this script
#
# Nick DeBaggis
#

use strict;

my %hash;

while(<>){
   chomp;
   if(/nmap|null|xmas/i){
      $hash{$_}++;
   }
}

print "Statistics\n";
foreach(sort {$hash{$b} <=> $hash{$a}} keys %hash){
   print "$_ - $hash{$_}\n";
}