Snort mailing list archives

Machine-readable stream4 stats


From: "Mayers, Philip J" <p.mayers () ic ac uk>
Date: Tue, 14 Aug 2001 16:50:01 +0100

This might make more sense (much easier to parse). gettimeofday would be the
preferred function for filling out the start/end times - I don't think it's
very cross-platform though...

--- snort-1.8.1-rc2-local/spp_stream4.c Tue Aug 14 16:46:43 2001
+++ snort-1.8.1-rc2/spp_stream4.c       Fri Aug 10 21:39:52 2001
@@ -2204,13 +2204,6 @@
     }
     else if(s4data.track_stats_flag == STATS_MACHINE_READABLE)
     {
-       fprintf(session_log, "%u %u %u %u %u %u %u %u %u %u\n",
-                       ssn->start_time,
-                       ssn->last_session_time,
-                       ssn->server.ip, ssn->server.port,
ssn->server.pkts_sent, ssn->server.bytes_sent,
-                       ssn->client.ip, ssn->client.port,
ssn->client.pkts_sent, ssn->client.bytes_sent
-                       );
-/*
         lt = localtime((time_t *) &ssn->start_time);
         s = (ssn->start_time + thiszone) % 86400;

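Review bot: the diff is reversed. The `---` header names snort-1.8.1-rc2-local and the `+++` header names the pristine snort-1.8.1-rc2, so the new machine-readable fprintf shows up as `-` lines and the patch only applies with `patch -R`; regenerate it with the original tree as the first argument to `diff -u`. The two continuation lines beginning `ssn->server.pkts_sent` and `ssn->client.pkts_sent` have also lost their `-` prefix to mail line-wrapping, so the hunk no longer matches its header; sending the patch as an attachment avoids that. On the change itself, all ten fields are printed with `%u`, including `ssn->server.ip` and `ssn->client.ip` as bare integers, and nothing records the column order or the byte order of the addresses. A comment above the fprintf listing the columns would help whoever writes the parser.
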
@@ -2234,7 +2227,6 @@
         fprintf(session_log, "port: %d  pkts: %u  bytes: %u]\n",
                 ssn->client.port, ssn->client.pkts_sent,
                 ssn->client.bytes_sent);
-*/
     }

     if(ubi_trCount(RootPtr))
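
Review bot: the `*/` placed after the last fprintf, paired with the `/*` in the previous hunk, leaves the old human-readable output disabled inside a C comment in the STATS_MACHINE_READABLE branch. C comments do not nest, so this breaks as soon as any line in that range carries its own `/* ... */`, and it leaves dead code behind either way. Deleting the old block, or wrapping it in `#if 0` ... `#endif`, would be safer. It is also worth checking whether `lt` and `s` are still used elsewhere once the block is disabled, since variables left unused will draw compiler warnings.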

Regards,
Phil

+------------------------------------------+
| Phil Mayers                              |
| Network & Infrastructure Group           |
| Information & Communication Technologies |
| Imperial College                         |
+------------------------------------------+
