Snort mailing list archives

RE: How to enable XML Logging in Snort 2.3.2


From: Jitendra Gupta <jitendrakrgupta_snort () yahoo co in>
Date: Mon, 4 Apr 2005 15:22:31 +0100 (BST)

Thanks a lot, Sir, for helping me out, but sorry to say
that it didn't work.
When I visited
 http://aircert.sourceforge.net/libairutil/
and
 http://aircert.sourceforge.net/libih/

they said:

libairutil has been merged into libair
and
libih has been merged into libair

and so I installed only libair. Then, following your
instructions, I did the following steps in order:

1.      snort-2.3.2]# aclocal-1.7
2.      snort-2.3.2]# autoheader-2.5x
3.      snort-2.3.2]# automake-1.7 --add-missing
4.      snort-2.3.2]# autoconf-2.5x
5.      snort-2.3.2]# ./configure --with-libair=/usr/local/lib/ --with-mysql
        Still, ./configure --help did not have any
        parameter for --with-libair.
6.      snort-2.3.2]# make
7.      snort-2.3.2]# make install

Then, after editing snort.conf by adding
  output xml: log,file=/var/log/snort/output.xml
above the output database line (I am using MySQL) and
running the command
         snort -c snort.conf
I again got the same error:
 ERROR:unknown output plugin:'xml'Fatal Error, Quitting..
Please help,
Jitendra



--- Joshua Berry <jberry () PENSON COM> wrote:
After patching snort, you should probably run:
aclocal
autoheader
automake --add-missing
autoconf

Then run ./configure --with-libih --with-libairtutil

-----Original Message-----
From: snort-users-admin () lists sourceforge net
[mailto:snort-users-admin () lists sourceforge net] On
Behalf Of Jitendra
Gupta
Sent: Saturday, April 02, 2005 4:26 AM
To: snort-users () lists sourceforge net
Subject: [Snort-users] How to enable XML Logging in
Snort 2.3.2

Hello List,
I am a newbie to Snort. I have installed
Snort 2.3.2 on Mandrake 9.2 and want to enable XML
logging in it. I have gone through

       http://www.cert.org/kb/snortxml/

but still cannot achieve it. I installed
libairutil 0.2.24 and libair 0.4.30.
Then I rebuilt snort using
 ./configure --with-libih --with-libairtutil.
But when I did ./configure --help I did not find any
parameter for --with-libih and --with-libairutil. Still,
I continued to do make and make install. Then, after
editing snort.conf by adding
 output xml: log,file=/var/log/snort/output.xml
above the output database line (I am using MySQL) and
running the command
        snort -c snort.conf
I get the error
ERROR:unknown output plugin:'xml'Fatal Error, Quitting..
Please help me out. I am in deep need of the
solution. If you can suggest any other method, please
suggest.
Thanking You,
Yours Faithfully,
Jitendra



_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or
unsubscribe:

https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:

http://www.geocrawler.com/redir-sf.php3?list=snort-users

