Snort mailing list archives
csv input of honeysuckle
From: "Maetzky, Steffen (Extern)" <Steffen.Maetzky () gedas de>
Date: Tue, 20 Jul 2004 12:20:27 +0200
Hi, After a good night, I know the solution of my problem from yesterday: I can't use an empty log.csv, because it is the input (and not the output what I have thought even it is described as input - perhaps to much coffee and too few breaks???) But now I have problems with generating the log.csv. Brian Caswell wrote that he use the following csv-format: srcip, dstip, priority, event This fields doesn't seem to be supported by snorts csv output. I know that barnyard-0.2.0 is able to make csv outputs but it has no event field. Should I use event_id or event_reference instead of event? Does anyone know if the script works after adding other fields? Which output uses honeysuckle (sreen or file? Which file?) (sorry, but I'm not a perl programmer) Thanks in advance, Steffen ------------------------------------------------------- This SF.Net email is sponsored by BEA Weblogic Workshop FREE Java Enterprise J2EE developer tools! Get your free copy of BEA WebLogic Workshop 8.1 today. http://ads.osdn.com/?ad_id=4721&alloc_id=10040&op=click _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- csv input of honeysuckle Maetzky, Steffen (Extern) (Jul 20)