Re: snort_stat.pl

["Scott A. McIntyre" <scott () xs4all nl>]

Also sprach Roeland Weve (roeland () office netland nl):

> I am trying to use snort_stat.pl, but I can't get any output ...

Only the very latest snort_stat.pl will handle (read: ignore) the line
that has the Classifications and Priorities.  Make sure that you
download that verson from wherever it lives (there's a link from
www.snort.org).  I think the latest version is 1.15.2.1

Two other points about snort_stat.pl and version 1.8 rules:

1)  If you use -y for outputting year, make sure you adjust the script
accordingly, or it will get very confused.  The pattern match only looks
for month/day.

2)  It can not handle the new format (from CVS) alert line of:

[**] [1:718:1] TELNET - login incorrect [**]

I changed log.c to make this go away rather than deal with the regexp in
the perl (hate regexp).

Scott.



_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users