Snort mailing list archives

Re: Fwd: Snort Alerts in Unix Sockets


From: "Ed Borgoyn (eborgoyn)" <eborgoyn () cisco com>
Date: Wed, 17 Feb 2016 13:09:31 +0000

Please look at src/output-plugins/spo_alert_unixsock.h


From: Nauman Ahmad <nauman.ahmad () ebryx com>
Date: Wednesday, February 17, 2016 at 12:46 AM
To: "snort-devel () lists sourceforge net" <snort-devel () lists sourceforge net>
Subject: [Snort-devel] Fwd: Snort Alerts in Unix Sockets

I have configured Snort to log alerts to a Unix socket and they are successfully being logged. However, the issue is that 
I have used the code from 'README.UNSOCK' to read from the Unix socket and access its members. By compiling it with all 
required libraries included, I have removed all linking-related errors during compilation, but I am getting an error 
that the structure 'Alertpkt' is not defined, which means it cannot be accessed even when Snort.h is included. Kindly 
help me in this regard, as the provided example has an 'Alertpkt' variable defined. I am using the latest source 
code during compilation. If you can provide me the structure of 'Alertpkt', it will help me in accessing the information 
contained.


_______________________________________________
Snort-devel mailing list
Snort-devel () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-devel
Archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel

Please visit http://blog.snort.org for the latest news about Snort!
