spo_log_tcpdump plugin

[Joel Healy <Joel.Healy () amphenderson co nz>]

Hi,

I am looking at using the TCPDUMP ouput log plugin and no problems with the
TCPDUMP files created, however i have noticed that hogwash only writes to
the output file when the process is stopped. Is there any configuration that
enables the writing of the TCPDUMP file with a certain frequency?

The reason i ask is that i am looking to scp the TCPDUMP files to a central
correlation point where i then snort -X -r them so they can be served up via
http (linked to by Snortsnarf).

Now the bit that may complicate matters is that i actually talking about
snort 1.8.6 libraries that are used with Hogwash.. 


cheers

joel


-------
(This e-mail message and any accompanying attachments may contain
information that is confidential and subject to legal privilege. If you are
not the intended recipient, do not read, use, disseminate, distribute or
copy this message or attachments.  If you have received this message in
error, please delete the message and, if convenient, inform the sender as
soon as possible.)


-------------------------------------------------------
This SF.net email is sponsored by: Microsoft Visual Studio.NET 
comprehensive development tool, built to increase your 
productivity. Try a free online hosted session at:
http://ads.sourceforge.net/cgi-bin/redirect.pl?micr0003en
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users