Snort mailing list archives
Re: Trouble reading snort.log.*
From: Michael Boman <michael.boman () securecirt com>
Date: Mon, 14 Apr 2003 13:59:27 +0800
On Mon, Apr 14, 2003 at 12:03:35AM -0500, Jacques wrote:
Is it my imagination, or did I use to be able to dump snort.log with tcpdump ? Using snort-2.0.0rc4 [localhost:/var/log/snort] root# tcpdump -f snort.log.1050279226 tcpdump: parse error
Try: tcpdump -r snort.log.1050279226 Also, make sure it's a pcap file by running: file snort.log.1050279226 Best regards Michael Boman -- Michael Boman Security Architect, SecureCiRT Pte Ltd http://www.securecirt.com
Attachment:
_bin
Description:
Current thread:
- Trouble reading snort.log.* Jacques (Apr 13)
- Re: Trouble reading snort.log.* Michael Boman (Apr 13)