Snort mailing list archives
RE: Changing the filename format for alerts
From: Matt Yackley <Matt.Yackley () perkinswill com>
Date: Tue, 15 Oct 2002 14:42:26 -0500
Tim, I'm in the same boat as you and won't be able to go to 1.9.0 until this is figured out, since I don't know much about programming, I sent the log.c file of to a programmer I know to see if he can tell me what to change. Time to see who is quicker, the list or my friend! :-) Matt -----Original Message----- From: McKim, Tim [mailto:McKim () nsf org] Sent: Tuesday, October 15, 2002 11:36 AM To: Snort-Users (E-mail) Subject: [Snort-users] Changing the filename format for alerts I posted this awhile ago to find out how to change this in 1.8.x. Someone was kind enough to help me out then. Unfortunately in 1.9 I have not been able to find out how to change the format. So.... Here is my original message as it describes exactly what I am trying to accomplish: I run snort on a Linux box and then take the /logs directory tar it and ftp it to my Windows workstation to view the logs and the alert file. The problem is that the file format under the IP address directory is TCP:xxxx-xx. Windows chokes on the :. Is there an option to change this format? If so, where? Thanks, Tim ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Changing the filename format for alerts McKim, Tim (Oct 15)
- <Possible follow-ups>
- RE: Changing the filename format for alerts Matt Yackley (Oct 15)
- RE: Changing the filename format for alerts Erek Adams (Oct 15)
- RE: Changing the filename format for alerts Matt Yackley (Oct 15)
- RE: Changing the filename format for alerts Erek Adams (Oct 15)
- RE: Changing the filename format for alerts Matt Yackley (Oct 15)