Snort mailing list archives

RE: logging question

From: jan () radio hundert6 de
Date: Fri, 25 May 2001 13:59:51 -0000 (GMT)

Hi,

is there anyway to have the alert also dump the hex
packet/datagram as
well
like I get in standard output when I issue the snort command
"snort -vv -i eth0 -X", for example:


could it be you're talking about the -d command line switch ( -d
for dump)...? Gives you dumps of all the alert-triggering
packets in a dir named after the relevant source address. 


Cheers, Jan
-- 
Radio HUNDERT,6 Medien GmbH Berlin
- EDV -
j.muenther () radio hundert6 de

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

logging question Fred Edwards (May 25)
- RE: logging question jan (May 25)
- <Possible follow-ups>
- RE: logging question Anthony Buser (May 25)
- RE: logging question Anthony Buser (May 25)
  - Re: logging question Fred Edwards (May 25)
  - RE: logging question James Hoagland (May 29)
- RE: logging question Anthony Buser (May 25)
  - RE: logging question Gregory Mingus (May 25)