RE: Using snort for network stats?

["Jeff Dell" <jdell () activeworx com>]

You can do a kill with -SIGUSR1 and then pull some basic stats from the
messages file but
Snort really wasn't designed to do this, try NTOP (http://www.ntop.org/)
you might like the additional information that you can get.

Jeff

-----Original Message-----
From: snort-users-admin () lists sourceforge net
[mailto:snort-users-admin () lists sourceforge net] On Behalf Of Michael
Miller
Sent: Tuesday, October 28, 2003 1:29 PM
To: 'snort-users () lists sourceforge net'
Subject: [Snort-users] Using snort for network stats?


Since I'm using snort to capture nearly everything that enters and
exists our network, I was curious to see if there was a utility to show
network metrics based on that data. Google didn't find much (or I asked
the wrong questions) and Ethereal is choking on the large dataset, so
that's out. I'm mostly interested in effective thruput, percentages of
TCP/UDP/ICMP data, breakdown of traffic by protocol, etc.




-------------------------------------------------------
This SF.net email is sponsored by: SF.net Giveback Program.
Does SourceForge.net help you be more productive?  Does it
help you create better code?   SHARE THE LOVE, and help us help
YOU!  Click Here: http://sourceforge.net/donate/
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users