Snort mailing list archives
Pcap filename from --pcap-dir?
From: Andre DiMino <adimino () sempersecurus org>
Date: Sat, 5 Jan 2013 09:23:10 -0500
I often run snort against a directory of dumped pcaps from sandbox output using the --pcap-dir option. I output the entire run in csv format. Ideally, I'd like to include the name of the pcap or other identifying information in the csv output. I know I could script something to read one file at a time and output it that way, but I'm looking to make better use of the --pcap-dir option in an automated bulk process. Has anyone done something similar who can shed some ideas? Thanks! Andre' -- Andre' M. DiMino DeepEnd Research http://deependresearch.org http://sempersecurus.org "Make sure that nobody pays back wrong for wrong, but always try to be kind to each other and to everyone else" - 1 Thess 5:15 (NIV) ------------------------------------------------------------------------------ Master Visual Studio, SharePoint, SQL, ASP.NET, C# 2012, HTML5, CSS, MVC, Windows 8 Apps, JavaScript and much more. Keep your skills current with LearnDevNow - 3,200 step-by-step video tutorials by Microsoft MVPs and experts. SALE $99.99 this month only -- learn more at: http://p.sf.net/sfu/learnmore_122912 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Pcap filename from --pcap-dir? Andre DiMino (Jan 05)
- Re: Pcap filename from --pcap-dir? beenph (Jan 05)
- Re: Pcap filename from --pcap-dir? Edward Fjellskål (Jan 05)
- Re: Pcap filename from --pcap-dir? beenph (Jan 05)
- Re: Pcap filename from --pcap-dir? Alex Kirk (Jan 07)
- Re: Pcap filename from --pcap-dir? Edward Fjellskål (Jan 05)
- Re: Pcap filename from --pcap-dir? beenph (Jan 05)