IDS mailing list archives

Re: Export ethereal cap file to SQL database with all details


From: Jason Brvenik <jason.brvenik () sourcefire com>
Date: Wed, 16 Aug 2006 21:26:15 -0400

I just cooked up a perl script to do just this because people keep
wanting to use Snort for it. The script uses a Snort database as its
back end and will create log entries the same as the Snort engine would,
including packet data.

The code is still very much in the early phase but a functioning version
with minimal testing is available @

http://cerberus.sourcefire.com/~jbrvenik/unified_perl/

MARTIN Benoni wrote:
Do you want to do this once or periodically? For once, really easy:

1. Import your pcap file under Ethereal.
2. Export it in CSV format (http://www.ethereal.com/docs/eug_html/#ChIOExportCSVDialog)
3. Import the CSV file in a SQL Database. Drop me an email if you want the stored procedure for this (10 lines max :) )

Hope this helps !



-----Original Message-----
From: nksdata () gmail com [mailto:nksdata () gmail com]
Sent: Thursday, August 10, 2006 11:20
To: focus-ids () securityfocus com
Subject: Export ethereal cap file to SQL database with all details

Hi All,

I want to export ethereal cap file to SQL database with all details.

Please suggest any method for it.

Regards,

Nagesh Lad

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------





-- 
Jason Brvenik - Sourcefire
PGP: 89C6 DE77 3B32 FC03 A5AE B5DD 11DF 4C8B 0D8E 3383
Key: http://cerberus.sourcefire.com/~jbrvenik/jason.brvenik.pgp.key
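
Added example, not part of the original messages or of either poster's code: steps 2 and 3 of the quoted procedure (Ethereal CSV export into a SQL database), done with Python and SQLite. The six-column header, the `packets` table and the sample rows are assumptions constructed for illustration.

```python
import csv
import io
import sqlite3

# Constructed sample of an Ethereal CSV export (assumed summary columns).
# The Info column is derived from packet contents, so treat it as untrusted.
SAMPLE_CSV = '''"No.","Time","Source","Destination","Protocol","Info"
"1","0.000000","10.0.0.5","10.0.0.9","TCP","1025 > 80 [SYN] Seq=0 Len=0"
"2","0.000412","10.0.0.9","10.0.0.5","TCP","80 > 1025 [SYN, ACK] Seq=0 Ack=1 Len=0"
"3","0.001020","10.0.0.5","10.0.0.9","HTTP","GET /search?q=o'brien,x HTTP/1.0"
'''

EXPECTED = ["No.", "Time", "Source", "Destination", "Protocol", "Info"]


def load_csv(conn, stream):
    """Load exported summary rows into `packets`; return the row count."""
    reader = csv.reader(stream)
    header = next(reader)
    if header != EXPECTED:
        raise ValueError(f"unexpected columns: {header}")
    conn.execute(
        "CREATE TABLE IF NOT EXISTS packets ("
        "frame_no INTEGER PRIMARY KEY, rel_time REAL, "
        "src TEXT, dst TEXT, protocol TEXT, info TEXT)"
    )
    rows = []
    for line_no, rec in enumerate(reader, start=2):
        if len(rec) != len(EXPECTED):
            raise ValueError(f"line {line_no}: expected 6 fields, got {len(rec)}")
        rows.append((int(rec[0]), float(rec[1]), *rec[2:]))
    # Placeholders keep quotes and commas in Info as data, never as SQL.
    with conn:  # one transaction: all rows or none
        conn.executemany("INSERT INTO packets VALUES (?, ?, ?, ?, ?, ?)", rows)
    return len(rows)


def protocol_counts(conn):
    """Return {protocol: packet count} for a quick sanity check."""
    return dict(conn.execute(
        "SELECT protocol, COUNT(*) FROM packets GROUP BY protocol"))


if __name__ == "__main__":
    db = sqlite3.connect(":memory:")
    print(load_csv(db, io.StringIO(SAMPLE_CSV)), protocol_counts(db))
```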


