One of the Sourcefire field engineers has whipped up a Perl script that will take events generated by Snort or a Sourcefire appliance and map them using Google Earth.

You can find a write up here at Leon's blog where he has an interesting example relating to worm activity.

A copy of the script is available here at Jason's site

Nice work Leon.