Snort mailing list archives

Previous By Date Next
Previous By Thread Next

snortsnarf problems

From: "Perrymon, Josh L." <PerrymonJ () bek com>
Date: Wed, 12 Nov 2003 16:09:05 -0600





I'm running snort and logging to my apache directory
/usr/local/www/data-dist/snort

I'm running passing the following command line options-

snortsnarf /usr/local/www/data-dist/snort -d /usr/local/www/data-dist

And I get the error messages below...

Any ideas?????



snortsnarf /usr/local/www/data-dist/snort -d /usr/local/www/data-dist
unknown alert format for line: { at
/usr/local/libdata/snortsnarf//SnortSnarf/SnortFileInput.pm line 322,
<inputfile001> chunk 1.
unknown alert format for line: index.html at
/usr/local/libdata/snortsnarf//SnortSnarf/SnortFileInput.pm line 322,
<inputfile001> chunk 2.
unknown alert format for line: 10.1.26.27 at
/usr/local/libdata/snortsnarf//SnortSnarf/SnortFileInput.pm line 322,
<inputfile001> chunk 3.
unknown alert format for line: 10.1.26.67 at
/usr/local/libdata/snortsnarf//SnortSnarf/SnortFileInput.pm line 322,
<inputfile001> chunk 4.
unknown alert format for line:
 at /usr/local/libdata/snortsnarf//SnortSnarf/SnortFileInput.pm line 322,
<inputfile001> chunk 5.
unknown alert format for line:  at
/usr/local/libdata/snortsnarf//SnortSnarf/SnortFileInput.pm line 322,
<inputfile001> chunk 6.
unknown alert format for line:  at
/usr/local/libdata/snortsnarf//SnortSnarf/SnortFileInput.pm line 322,
<inputfile001> chunk 7.                              at
/usr/local/libdata/snortsnarf//SnortSnarf/SnortFileInput.pm line 322,
<inputfile001> chunk 8.known alert format for line:
unknown alert format for line: 138.32.4.5 at
/usr/local/libdata/snortsnarf//SnortSnarf/SnortFileInput.pm line 322,
<inputfile001> chunk 9.

Joshua Perrymon
Sr. Network Security Consultant
BE&K Information Security Dept.
2000 International Park Drive
Birmingham, Al 35243
Voice ( 205 ) 972-6745





-------------------------------------------------------
This SF.Net email sponsored by: ApacheCon 2003,
16-19 November in Las Vegas. Learn firsthand the latest
developments in Apache, PHP, Perl, XML, Java, MySQL,
WebDAV, and more! http://www.apachecon.com/
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: