Snort mailing list archives
Re: Unified logging
From: "Mike Macias" <mike.macias () caci-nsg com>
Date: Sun, 31 Mar 2002 14:05:31 -0500
tcpdump can read these types of files. Use the following syntax:

    tcpdump -r snort-0331@1224.log

This tells tcpdump to read from a file instead of sniffing traffic off the wire.

Are there programs that can understand the file snort -b created? Or how can I fully utilize that file? Example is:

    bash# ls -l
    total 3
    -rw------- 1 root wheel 246 Mar 31 12:25 alert
    -rw------- 1 root wheel 0 Mar 31 12:05 portscan.log
    -rw------- 1 root wheel 476 Mar 31 12:25 snort-0331@1224.log <- this one
    -rw------- 1 root wheel 24 Mar 31 12:29 snort-0331@1226.log

Thanks.
Neil

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
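Added example, not part of the original posts: snort -b writes its binary log in the tcpdump (libpcap) capture format, which is why tcpdump -r can read it, and a short Python reader shows what such a file contains. The names read_pcap and build_sample are hypothetical and the sample capture is constructed; note that a file holding only the 24-byte global header, like the 24-byte log in the listing above, parses as a capture with zero packets.

```python
import struct

PCAP_GLOBAL_HDR = 24   # magic, version major/minor, tz, sigfigs, snaplen, linktype
PCAP_RECORD_HDR = 16   # ts_sec, ts_usec, captured length, original length

def read_pcap(data):
    """Return (linktype, [(ts_sec, ts_usec, orig_len, packet_bytes), ...])."""
    if len(data) < PCAP_GLOBAL_HDR:
        raise ValueError("shorter than a pcap global header")
    magic = data[:4]
    if magic == b"\xd4\xc3\xb2\xa1":
        endian = "<"          # file written on a little-endian host
    elif magic == b"\xa1\xb2\xc3\xd4":
        endian = ">"          # file written on a big-endian host
    else:
        raise ValueError("not a classic pcap file")
    _maj, _min, _tz, _sig, _snaplen, linktype = struct.unpack(
        endian + "HHiIII", data[4:PCAP_GLOBAL_HDR])
    packets, off = [], PCAP_GLOBAL_HDR
    while off < len(data):
        if off + PCAP_RECORD_HDR > len(data):
            raise ValueError("truncated record header at offset %d" % off)
        ts_sec, ts_usec, incl_len, orig_len = struct.unpack(
            endian + "IIII", data[off:off + PCAP_RECORD_HDR])
        off += PCAP_RECORD_HDR
        # Reject a length field that points past the end of the file
        if off + incl_len > len(data):
            raise ValueError("truncated packet data at offset %d" % off)
        packets.append((ts_sec, ts_usec, orig_len, data[off:off + incl_len]))
        off += incl_len
    return linktype, packets

def build_sample(frames):
    """Constructed sample input: little-endian pcap, linktype 1 (Ethernet)."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 1514, 1)
    for ts, frame in frames:
        out += struct.pack("<IIII", ts, 0, len(frame), len(frame)) + frame
    return out

if __name__ == "__main__":
    empty = build_sample([])                      # header only, no packets
    print(len(empty), read_pcap(empty))
    sample = build_sample([(1017595500, b"\x00" * 60),
                           (1017595501, b"\xff" * 42)])
    for ts_sec, ts_usec, orig_len, pkt in read_pcap(sample)[1]:
        print(ts_sec, orig_len, len(pkt))
```

To run it against a real log, pass the file's bytes: read_pcap(open(path, "rb").read()).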