Snort / SnortSnarf question about packet capture filenames

[Matt Yackley <Matt.Yackley () perkinswill com>]

Hello all,

I run Snort & SnortSnarf on a Linux box, but would like the ability to move
the data off and be able to read it on a Windows box.  Since Windows can't
handle filenames like TCP:xxxxx-xxx, I have changed the Snort code to log
the packet capture files with TCP_xxxxx-xxx.  Now I need to get SnortSnarf
to create the proper links on the alert details page.  I'm not a programmer
or perl scripter by any means, however I did try a couple of changes to the
HTMLOutput.pm file, but they did not help.  The one change that I thought
would have worked was changing 'logfileprototerm' =':' to ='_'.  Any ideas
on where I need to change SnortSnarf to make this work?

Thanks,
Matt Yackley



-------------------------------------------------------
This sf.net email is sponsored by: Jabber Inc.
Don't miss the IM event of the season | Special offer for OSDN members! 
JabConf 2002, Aug. 20-22, Keystone, CO http://www.jabberconf.com/osdn
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users