Snort mailing list archives

Re: Packet Number in Log file


From: "Russ Combs (rucombs)" <rucombs () cisco com>
Date: Wed, 25 Jun 2014 15:32:21 +0000


________________________________
From: Beenish Raza [beenish.raza () hotmail com]
Sent: Wednesday, June 25, 2014 10:59 AM
To: snort-users () lists sourceforge net
Subject: [Snort-users] Packet Number in Log file

I have to match a set of rules against a traffic trace file (pcap file). I have to report a packet which contains a 
specified rule. The issue is that I want to log the packet number of the packet as well while logging those packets 
which contain a match. E.g., I have a pcap file with 10 packets and the 8th packet gets matched against a certain rule. In 
this case, I want the log to also specify that the 8th packet contains a match.

I used -A alert to log to a file and get something like this in output:
08/15-17:27:48.482649  [**] [1:500020:0] Rule no.20 [**] [Priority: 0] {TCP} 244.85.5.101:443 -> 10.34.6.10:38835

Now, I do not see where the packet number is, because the (testing) pcap file I am using contains just 14 packets.

* Try -A console:test instead.
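
Another way to recover the packet number, as an added example that is not part of the original thread: match each alert's timestamp against the per-packet timestamps stored in the pcap. It assumes a classic libpcap file (not pcapng) and alert timestamps printed in UTC (Snort's -U option); the function names and the 14-packet sample capture are constructed for illustration.

```python
import re
import struct
from datetime import datetime, timezone

# Leading timestamp of a fast-alert line: MM/DD-HH:MM:SS.uuuuuu
ALERT_TS = re.compile(r"^(\d\d)/(\d\d)-(\d\d):(\d\d):(\d\d)\.(\d{6})\s")
# Alert line quoted in the thread
ALERT = ("08/15-17:27:48.482649  [**] [1:500020:0] Rule no.20 [**] "
         "[Priority: 0] {TCP} 244.85.5.101:443 -> 10.34.6.10:38835")

def pcap_timestamps(data):
    """Yield (packet_number, sec, usec) for each record, numbering from 1."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(data[:4])
    if endian is None:
        raise ValueError("not a microsecond-resolution libpcap file")
    offset, number = 24, 0                      # skip the 24-byte global header
    while offset + 16 <= len(data):
        sec, usec, caplen, _ = struct.unpack_from(endian + "IIII", data, offset)
        number += 1
        yield number, sec, usec
        offset += 16 + caplen                   # record header + captured bytes

def alert_key(line):
    """Return (month, day, hour, minute, second, usec), or None if no timestamp."""
    m = ALERT_TS.match(line)
    return tuple(int(g) for g in m.groups()) if m else None

def packet_numbers(pcap_bytes, alert_lines):
    """Map each alert line to the packet numbers that share its timestamp.
    Packets with identical timestamps all come back as candidates."""
    index = {}
    for number, sec, usec in pcap_timestamps(pcap_bytes):
        t = datetime.fromtimestamp(sec, tz=timezone.utc)   # assumption: UTC alerts
        key = (t.month, t.day, t.hour, t.minute, t.second, usec)
        index.setdefault(key, []).append(number)
    return [(line, index.get(alert_key(line), [])) for line in alert_lines]

def build_sample_pcap():
    """Constructed capture: 14 packets one second apart; the year is arbitrary."""
    base = int(datetime(2013, 8, 15, 17, 27, 41, tzinfo=timezone.utc).timestamp())
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for i in range(14):
        payload = bytes(60)                     # dummy frame contents
        out += struct.pack("<IIII", base + i, 482649, 60, 60) + payload
    return out

if __name__ == "__main__":
    for line, numbers in packet_numbers(build_sample_pcap(), [ALERT]):
        print(numbers, line)
```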
