Snort mailing list archives

SANS

From: "Gyorda.com" <snort () gyorda com>
Date: Wed, 17 Jul 2002 10:28:08 -0400

Hello,
    Anyone done the SANS practical for Intrusion Detection?  If so how does
one analyze part three of the practical where we have to take thousands of
snort logs and analyze them?  Is there some simple method of importing them
into ACID or snort snarf?  I can't see using grep/sort/find on all these
logs and being done in time.

Big G



-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

SANS Gyorda.com (Jul 17)
- Re: SANS Imran William Smith (Jul 17)
- <Possible follow-ups>
- Re: SANS stefan dens (Jul 17)