Snort mailing list archives

RE: SnortSnarf

From: "Michael Steele" <michaels () winsnort com>
Date: Thu, 16 Oct 2003 16:53:56 -0700

Michael,

 

Follow the appropriate guide for installing your IDS using Snortsnarf and
the instructions are there on how to install the time modules.

 

The problem you are having is user inflicted not "of syntax because I am on
Windows and not on Unix/Linux???".

 

Cheers...

-Michael Steele
--
 System Engineer / Security Support Technician    
 mailto:michaels () winsnort com   
 Website: http://www.winsnort.com
 Snort: Open Source Network IDS - http://www.snort.org

  _____  

From: snort-users-admin () lists sourceforge net
[mailto:snort-users-admin () lists sourceforge net] On Behalf Of Martin Jr., D.
Michael
Sent: Thursday, October 16, 2003 2:22 PM
To: snort-users () lists sourceforge net
Subject: [Snort-users] SnortSnarf

 

Before I start, I want to say, "Thanks!" to all of you helpful and patient
individuals out there.  Yes, I am new to Snort and "for now" it seems like
as soon as I solve one problem, I get one more question.  That being said.

 

 

I am in a Windows environment (go ahead a chuckle) and have started using
Snort.  I now have my switch issues solved and (mainly thanks to folks at
SwordSoft and their VIA log analysis tool), I have been getting some
information out.  Unfortunately, since I am at a University and mainly
sniffing traffic in residence halls (viruses are the main problem), I have
Snort alert.ids files that are huge (27+MB for a half-day).  This appears to
be way too much for VIA.

 

Enter SnortSnarf.

Now, (yes, I have visited WinSnort with little success thus far) I am having
problems with SnortSnarf.  I am perfectly happy running it from a command
prompt and don't need IIS for that (I can figure that out later).  But I
keep getting the following error:

 

Can't locate Time/ParsDate.pm in @INC... line 18

BEGIN failed-compilation aborted . line 18

And so on. (four errors in all)

From the looks of things, I am assuming, the issues is probably one of

syntax because I am on Windows and not on Unix/Linux???  I have tried
correcting the problems from within the command line but no success.  Any
suggestions would be greatly appreciated.

 

Thanks,

 

Michael Martin

University of Montevallo

Current thread:

snortsnarf grant (Oct 14)
- RE: SnortSnarf Michael Steele (Oct 14)
- <Possible follow-ups>
- SnortSnarf Martin Jr., D. Michael (Oct 16)
  - RE: SnortSnarf Michael Steele (Oct 16)
- RE: SnortSnarf grant (Oct 16)
- RE: SnortSnarf Martin Jr., D. Michael (Oct 16)
- RE: SnortSnarf grant (Oct 16)
- RE: SnortSnarf grant (Oct 18)