Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: snort_stat.pl

From: Roeland Weve <roeland () office netland nl>
Date: Thu, 14 Jun 2001 15:46:16 +0200
Hello,

Just one minute ago the author (Yen-Ming Chen) mailed me that this
problem is fixed!
Great work of course!
The version right now is 1.15.2.2 and it works right now.

Roeland


Also sprach Roeland Weve (roeland () office netland nl):


I am trying to use snort_stat.pl, but I can't get any output ...


Only the very latest snort_stat.pl will handle (read: ignore) the line
that has the Classifications and Priorities.  Make sure that you
download that verson from wherever it lives (there's a link from
www.snort.org).  I think the latest version is 1.15.2.1

Two other points about snort_stat.pl and version 1.8 rules:

1)  If you use -y for outputting year, make sure you adjust the script
accordingly, or it will get very confused.  The pattern match only looks
for month/day.

2)  It can not handle the new format (from CVS) alert line of:

[**] [1:718:1] TELNET - login incorrect [**]

I changed log.c to make this go away rather than deal with the regexp in
the perl (hate regexp).

Scott.


-- 
Netland Internet Services
bedrijfsmatige internetoplossingen

http://www.netland.nl   Kruislaan 419              1098 VA Amsterdam
info: 020-5628282       servicedesk: 020-5628280   fax: 020-5628281

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: