Snort mailing list archives

RE: Unified Alert Output and IP Reversal

From: Steve Halligan <giermo () geeksquad com>
Date: Thu, 11 Apr 2002 14:30:31 -0500

I don't have the problem using log_acid, I only see it with alert_acid.

Try that.
-steve


All,

I've seen this mentioned before, but thought I'd ask as well.  I've set
up snort to output both logs and alerts via the unified plugin.  I'm
setting barnyard up to feed several outputs with the snort data. 
However, the ip address fields are reversed (ie 192.168.2.1 becomes
1.2.168.192)

What is the best way to get around this so that I can get the proper
format fed into my reports?

Thanks
-- 
James Harrison  RHCE,CCNA


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

Unified Alert Output and IP Reversal James Harrison (Apr 11)
- Re: Unified Alert Output and IP Reversal Michael Scheidell (Apr 15)
- <Possible follow-ups>
- RE: Unified Alert Output and IP Reversal Steve Halligan (Apr 11)