Snort mailing list archives

Unified Alert Output and IP Reversal

From: James Harrison <james.harrison () amcg com>
Date: 11 Apr 2002 14:05:00 -0500

All,

I've seen this mentioned before, but thought I'd ask as well.  I've set
up snort to output both logs and alerts via the unified plugin.  I'm
setting barnyard up to feed several outputs with the snort data. 
However, the ip address fields are reversed (ie 192.168.2.1 becomes
1.2.168.192)

What is the best way to get around this so that I can get the proper
format fed into my reports?

Thanks
-- 
James Harrison  RHCE,CCNA

Attachment: signature.asc
Description: This is a digitally signed message part

Current thread:

Unified Alert Output and IP Reversal James Harrison (Apr 11)
- Re: Unified Alert Output and IP Reversal Michael Scheidell (Apr 15)
- <Possible follow-ups>
- RE: Unified Alert Output and IP Reversal Steve Halligan (Apr 11)