RE: Also new to Snort

[Michael Aylor <maylor () swbanktx com>]

Snort isn't really designed as a "bandwidth" tracker.  While it does sniff
traffic, it isn't really designed to tell you "bits per second per
protocol".  You might try tcpstat, or I'm sure there are plenty of others
out there too that will give you pretty graphs and charts too.
 
Heck, if you're any good at perl, you could probably just use tcpdump and
some scripts to parse the data to a format you like.
 
 
Mike
-----Original Message-----
From: Geoff Hirschi [mailto:snowulf () qwest net]
Sent: Friday, November 09, 2001 12:33 PM
To: snort-users () lists sourceforge net
Subject: [Snort-users] Also new to Snort


Hiya!
 
I am very new to Snort.  To compound my trouble, Snort is the first sniffer
software I have ever tried to work with.
 
Primarily we are looking for a something that will give us real time
indication of how our bandwidth is being used on our subnet.  In the
documentation on the website and in the readme I saw several refrences to
using Snort as a bandwidth monitor, but I was not able to find any
instructions on how to use it that way.  I am perfectly willing and able to
RTFM - but I cant seem to find the refrence in the FM that I need.  Can
someone please point me to the starting point?  In case it matters, I am
running the WindersNT version of Snort.
 
Regards,
 
Geoff 


CONFIDENTIALITY NOTICE:

************************************************************************

The information contained in this ELECTRONIC MAIL transmission
is confidential.  It may also be privileged work product or proprietary
information. This information is intended for the exclusive use of the
addressee(s).  If you are not the intended recipient, you are hereby
notified that any use, disclosure, dissemination, distribution [other
than to the addressee(s)], copying or taking of any action because
of this information is strictly prohibited.

************************************************************************