Snort mailing list archives
How to Determine time tick value
From: Amtul Saboor <saboor.amtul () gmail com>
Date: Fri, 27 Jun 2014 14:25:44 +0500
I have already posted this query but no one responded so starting a new thread: I m running snort in linux backtrack , i installed latest version of snort and i m trying to make a dynamic preprocessor by modifying sample dpx.c file of dpx ( example preprocessor) I am trying to count unique source ips arriving pr second and I also want to do this with more gap of intervals , i mean i want to count unique source ips for every fourth second. But the time tick value cant be determined, here is what m doing: *sec = time(NULL); t= sec-sec_ref;* * if(t == 1) {* *---- Do whats needed----* * }* *if(t == 4)* * {* *---- Do whats needed----* * }* But the value of "t" does not seem to increment after 1 or 2 at max. 1. *In Short I basically need to identify the current tick value regardless of it is being seconds or milliseconds. * 2. *Also , kindly let me know the format specifier for the value of time "t" to be printed at various intervals * Please help Kind Regards *Amtul Saboor* *MS (Information Security)* *Military College of Signals, National University of Science & Technology, Rawalpindi* *Pakistan*
------------------------------------------------------------------------------ Open source business process management suite built on Java and Eclipse Turn processes into business applications with Bonita BPM Community Edition Quickly connect people, data, and systems into organized workflows Winner of BOSSIE, CODIE, OW2 and Gartner awards http://p.sf.net/sfu/Bonitasoft
_______________________________________________ Snort-devel mailing list Snort-devel () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-devel Archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel Please visit http://blog.snort.org for the latest news about Snort!
Current thread:
- How to Determine time tick value Amtul Saboor (Jun 27)