Snort mailing list archives

script to feed snort log directory data into acid


From: skeller1 () cscploenzke de
Date: Mon, 21 May 2001 16:06:40 +0200

Hi there,

does anyone have a (Perl?) script to feed the snort log data
stored in a directory (-l .) into the MySQL database used by ACID?

that is.. a script that puts things like this:

[**] ids 4711 - SNMP access, public [**]
05/21-13:28:20.921901 0:50:F:5:26:0 -> 0:30:80:44:43:80 type:0x800 len:0x68
45.29.229.295:1157 -> 45.29.229.135:161 UDP TTL:126 TOS:0x0 ID:61327
Len: 70
32 85 10 3B 02 11 00 00 16 71 05 42 3C 39 61 B0  0..:.....public.
8A A0 2A AA 01 20 E8 16 22 11 10 0B 21 11 33 22  ..+..$........0.
10 2C 33 0D 16 07 11 06 11 22 11 11 11 01 15 10  ..0...+.........
31 0B A6 18 23 04 11 22 11 0A 21 12 32 0A        0...+.........

into the database..?

Would be nice to consolidate data from different platforms..

Regards

Stefan
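
A parser for the full-format alert entry quoted in the message above, as an added example that is not part of the original post and is not code from Snort or ACID. It covers the parsing half only: `parse_entry`, the record keys and the `year` argument are assumptions of this example, and no database insert is shown because the post does not give the ACID schema.

```python
import ipaddress
import re
from datetime import datetime

# The entry quoted in the post, embedded so the example runs offline.
SAMPLE = """\
[**] ids 4711 - SNMP access, public [**]
05/21-13:28:20.921901 0:50:F:5:26:0 -> 0:30:80:44:43:80 type:0x800 len:0x68
45.29.229.295:1157 -> 45.29.229.135:161 UDP TTL:126 TOS:0x0 ID:61327
Len: 70
32 85 10 3B 02 11 00 00 16 71 05 42 3C 39 61 B0  0..:.....public.
8A A0 2A AA 01 20 E8 16 22 11 10 0B 21 11 33 22  ..+..$........0.
10 2C 33 0D 16 07 11 06 11 22 11 11 11 01 15 10  ..0...+.........
31 0B A6 18 23 04 11 22 11 0A 21 12 32 0A        0...+.........
"""

HEAD = re.compile(r"\[\*\*\]\s*(.*?)\s*\[\*\*\]")
ETH = re.compile(r"(\d\d)/(\d\d)-(\d\d):(\d\d):(\d\d)\.(\d{6}) (\S+) -> (\S+) type:(0x[0-9A-Fa-f]+)")
IPL = re.compile(r"([\d.]+):(\d+) -> ([\d.]+):(\d+) (\w+) TTL:(\d+) TOS:(0x[0-9A-Fa-f]+) ID:(\d+)")

def parse_entry(text, year):
    """Parse one alert entry into a dict; `year` is passed in because the log omits it."""
    lines = [l for l in text.splitlines() if l.strip()]
    head, eth, ipl = (rx.match(l) for rx, l in zip((HEAD, ETH, IPL), lines + [""] * 3))
    if not (head and eth and ipl):
        raise ValueError("not a full-format alert entry")
    mo, d, h, mi, s, us = (int(x) for x in eth.groups()[:6])
    rec = {"msg": head[1], "timestamp": datetime(year, mo, d, h, mi, s, us),
           "src_mac": eth[7], "dst_mac": eth[8], "src_ip": ipl[1], "src_port": int(ipl[2]),
           "dst_ip": ipl[3], "dst_port": int(ipl[4]), "proto": ipl[5], "ttl": int(ipl[6]),
           "ip_id": int(ipl[8]), "warnings": []}
    payload = bytearray()
    for line in lines[3:]:
        if m := re.match(r"Len: (\d+)", line):
            rec["udp_len"] = int(m[1])
            continue
        for tok in line[:48].split():  # hex column: 16 bytes x 3 characters
            if not re.fullmatch(r"[0-9A-Fa-f]{2}", tok):
                break  # reached the ASCII column
            payload.append(int(tok, 16))
    rec["payload"] = bytes(payload)
    for key in ("src_ip", "dst_ip"):  # reject addresses that cannot be stored as 32-bit integers
        try:
            ipaddress.IPv4Address(rec[key])
        except ValueError:
            rec["warnings"].append(f"{key} {rec[key]} is not a valid IPv4 address")
    # Assumption: "Len:" is the UDP length field (8-byte header + payload).
    if rec["proto"] == "UDP" and rec.get("udp_len") != len(payload) + 8:
        rec["warnings"].append("UDP length does not match dumped payload")
    return rec
```

On the quoted entry the source address has an octet of 295, so the record comes back with one warning; a loader should decide whether to skip or quarantine such records before writing them to the database.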


