Snort mailing list archives
Program that reads unified log format natively
From: Ben Nelson <lists () venom600 org>
Date: Tue, 21 Oct 2003 19:39:12 -0600
I'm looking for a program that will read Snort unified log format files natively and spit out (to STDOUT preferrably) tcpdump-like information gleaned from these files. Anybody seen anything like that?
I'm using '-e' to log link layer characteristics of alert packets and this information doesn't seem to make it into my snort database after mudpit gets through parsing the unified log files. I rarely need this information, but if I could go back and use a program like I described to parse my archived unified log files to find link layer information after the fact, that would be very useful to me.
Thanks, --Ben ------------------------------------------------------- This SF.net email is sponsored by OSDN developer relations Here's your chance to show off your extensive product knowledge We want to know what you know. Tell us and you have a chance to win $100 http://www.zoomerang.com/survey.zgi?HRPT1X3RYQNC5V4MLNSV3E54 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Program that reads unified log format natively Ben Nelson (Oct 22)
- <Possible follow-ups>
- RE: Program that reads unified log format natively Williams Jon (Oct 24)
- RE: Program that reads unified log format natively Erek Adams (Oct 24)
- Re: Program that reads unified log format natively Ben Nelson (Oct 29)
- Re: Program that reads unified log format natively Bamm Visscher (Oct 25)
- Re: Program that reads unified log format natively Chris Green (Oct 25)
- RE: Program that reads unified log format natively Erek Adams (Oct 24)