Snort mailing list archives
Unified Alert Output and IP Reversal
From: James Harrison <james.harrison () amcg com>
Date: 11 Apr 2002 14:05:00 -0500
All, I've seen this mentioned before, but thought I'd ask as well. I've set up snort to output both logs and alerts via the unified plugin. I'm setting barnyard up to feed several outputs with the snort data. However, the ip address fields are reversed (ie 192.168.2.1 becomes 1.2.168.192) What is the best way to get around this so that I can get the proper format fed into my reports? Thanks -- James Harrison RHCE,CCNA
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- Unified Alert Output and IP Reversal James Harrison (Apr 11)
- Re: Unified Alert Output and IP Reversal Michael Scheidell (Apr 15)
- <Possible follow-ups>
- RE: Unified Alert Output and IP Reversal Steve Halligan (Apr 11)