Snort mailing list archives

Changing the filename format for alerts

From: "McKim, Tim" <McKim () nsf org>
Date: Tue, 15 Oct 2002 12:36:14 -0400

I posted this awhile ago to find out how to change this in 1.8.x. Someone
was kind enough to help me out then. Unfortunately in 1.9 I have not been
able to find out how to change the format. So....

Here is my original message as it describes exactly what I am trying to
accomplish:

I run snort on a Linux box and then take the /logs directory tar it and ftp
it to my Windows workstation to view the logs and the alert file. The
problem is that the file format under the IP address directory is
TCP:xxxx-xx. Windows chokes on the :. Is there an option to change this
format? If so, where?

Thanks,

Tim


-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

Changing the filename format for alerts McKim, Tim (Oct 15)
- <Possible follow-ups>
- RE: Changing the filename format for alerts Matt Yackley (Oct 15)
  - RE: Changing the filename format for alerts Erek Adams (Oct 15)
- RE: Changing the filename format for alerts Matt Yackley (Oct 15)
  - RE: Changing the filename format for alerts Erek Adams (Oct 15)
- RE: Changing the filename format for alerts Matt Yackley (Oct 15)