Snort mailing list archives

Re: Trouble reading snort.log.*

From: Michael Boman <michael.boman () securecirt com>
Date: Mon, 14 Apr 2003 13:59:27 +0800

On Mon, Apr 14, 2003 at 12:03:35AM -0500, Jacques wrote:

Is it my imagination, or did I use to be able to dump snort.log with 
tcpdump ?

Using snort-2.0.0rc4

[localhost:/var/log/snort] root# tcpdump -f snort.log.1050279226
tcpdump: parse error


Try: tcpdump -r snort.log.1050279226

Also, make sure it's a pcap file by running:

file snort.log.1050279226

Best regards
 Michael Boman

-- 
Michael Boman
Security Architect, SecureCiRT Pte Ltd
http://www.securecirt.com

Attachment: _bin
Description:

Current thread:

Trouble reading snort.log.* Jacques (Apr 13)
- Re: Trouble reading snort.log.* Michael Boman (Apr 13)