Security Consulting

Tools

The information here is not very helpful yet, but I will add to it as I play around with some more tools...

Snort

You can download it from its web page.
A lot of tools that assist you in analyzing the output data are also available on that web page.

One of them is:

ACID

ACID is a web interface that takes the Snort data out of a MySQL database and displays it. The interface offers a variety of features and gives an easy overview of all the data that Snort collected. I personally don't like the interface too much. On my machine it tends to be enormously slow. Some functions do not work and other things are just not possible. But other people think it's the greatest tool available.
Here is the FAQ:

Demarc

This frontend is also web-based and offers a more professional interface. I haven't looked into it too much. But it looks very promising.

SnortCenter

If you have more than one sensor, you will like this tool to manage them. Signature updates, ... this is the way to do it! This is the Web page.

Snare

Snare is a Linux host-based intrusion detection system. Some more documentation is in this article.


CopyLeft (l) 2003 by Raffael Marty