Re: snort and sflow?

[shanks () student woodward edu]

We are currently using Ntop for sflow but I heard someone talking about
using snort for gathering information off of a foundry switch with sflow
capabilities.  I thought it would be good to have both running.

Jim


> On Wed, 22 Oct 2003 shanks () student woodward edu wrote:
>
> > Can anyone point me to some directions for using snort to pull in sflow
> > data off of a core switch?
>
> You're trying to use the wrong tool for the job.  Snort is an IDS, it's
> not a sflow collector.  If you want it to parse the sflow data, you'd need
> to build a decoder for that.  It would be simpler just to setup a
> collection station for sflow.
>
> Cheers!
>
> -----
> Erek Adams
>
>    "When things get weird, the weird turn pro."   H.S. Thompson




-------------------------------------------------------
This SF.net email is sponsored by OSDN developer relations
Here's your chance to show off your extensive product knowledge
We want to know what you know. Tell us and you have a chance to win $100
http://www.zoomerang.com/survey.zgi?HRPT1X3RYQNC5V4MLNSV3E54
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users