Snort mailing list archives

Previous By Date Next
Previous By Thread Next

RE: How to enable XML Logging in Snort 2.3.2

From: Jitendra Gupta <jitendrakrgupta_snort () yahoo co in>
Date: Thu, 7 Apr 2005 16:22:36 +0100 (BST)
Thanks for all your efforts.Let me try further and if
I get hold of any solution I will certainly inform you
and the mailing list.
Jitendra
 --- Joshua Berry <jberry () PENSON COM> wrote: 

I believe that the patches or plugin use to be
provided with the Snort
source code, but is not any longer.

-----Original Message-----
From: Jitendra Gupta
[mailto:jitendrakrgupta_snort () yahoo co in] 
Sent: Thursday, April 07, 2005 9:57 AM
To: Joshua Berry; snort Mailing List
Subject: RE: [Snort-users] How to enable XML Logging
in Snort 2.3.2


I came to know about the XML plugin from 
     http://www.cert.org/kb/snortxml/
I have done all steps of it but all in vain and it
also does not speak of any patches.
Jitendra

 --- Joshua Berry <jberry () PENSON COM> wrote: 

Where did you get the information about the XML
output plugin in the
first place?  This is where the patch will be.

-----Original Message-----
From: Jitendra Gupta
[mailto:jitendrakrgupta_snort () yahoo co in] 
Sent: Thursday, April 07, 2005 9:40 AM
To: Joshua Berry; snort Mailing List
Subject: RE: [Snort-users] How to enable XML

Logging

in Snort 2.3.2


Please could you detail me the name of the patch

and

where can I get it.See I am a newbie.Please.
Jitendra


 --- Joshua Berry <jberry () PENSON COM> wrote: 

Yes, any extra output plugins require patches. 
Snort does not already
have an XML output plugin, you have to patch the
source.

-----Original Message-----
From: Jitendra Gupta
[mailto:jitendrakrgupta_snort () yahoo co in] 
Sent: Wednesday, April 06, 2005 2:52 AM
To: Joshua Berry; snort Mailing List
Subject: RE: [Snort-users] How to enable XML

Logging

in Snort 2.3.2

which patch are you talking about?After

installing

libair I directly did ./configure

--(parameters).If

any patch is to be applied ,Please detail me.
Thanks for your interest,
Jitendra

 --- Joshua Berry <jberry () PENSON COM> wrote: 

When you patched Snort, everything applied

cleanly? 

This must be a
problem with newer Snort releases, I don't

think

that the XML plugin is
maintained very much anymore.

-----Original Message-----
From: Jitendra Gupta
[mailto:jitendrakrgupta_snort () yahoo co in] 
Sent: Tuesday, April 05, 2005 2:43 AM
To: Joshua Berry; snort Mailing List
Subject: RE: [Snort-users] How to enable XML

Logging

in Snort 2.3.2

Dear Sir,
         Thanks a lot again for taking

interest

in

my
problem.Here's my output of ./configure --help

:-


snort-2.3.2]# ./configure --help|more

`configure' configures this package to adapt

to

many

kinds of systems.
                                              

 

 

 

 
                                           
Usage: ./configure [OPTION]... [VAR=VALUE]...
                                              

 

 

 

 
                                           
To assign environment variables (e.g., CC,
CFLAGS...),
specify them as VAR=VALUE.  See below for
descriptions
of some of the useful variables.
                                              

 

 

 

 
                                           
Defaults for the options are specified in

brackets.

                                              

 

 

 

 
                                           
Configuration:
  -h, --help              display this help

and

exit

      --help=short        display options

specific

to 
                this package
      --help=recursive    display the short

help

of

all the included packages
  -V, --version           display version
information
and exit
  -q, --quiet, --silent   do not print

`checking...'

messages
      --cache-file=FILE   cache test results

in

FILE

[disabled]
  -C, --config-cache      alias for
`--cache-file=config.cache'
  -n, --no-create         do not create output

files

      --srcdir=DIR        find the sources in

DIR

[configure dir or `..']
                                              

 

 

 

 
                                           
Installation directories:
  --prefix=PREFIX         install
architecture-independent files in PREFIX
                          [/usr/local]
  --exec-prefix=EPREFIX   install
architecture-dependent files in EPREFIX
                          [PREFIX]
                                              

 

 

 

 
                                           
By default, `make install' will install all

the

files
in
`/usr/local/bin', `/usr/local/lib' etc.  You

can

specify
--More--
an installation prefix other than `/usr/local'

using

`--prefix',
for instance `--prefix=$HOME'.
 
For better control, use the options below.
 
Fine tuning of the installation directories:
  --bindir=DIR           user executables
[EPREFIX/bin]
  --sbindir=DIR          system admin

executables

[EPREFIX/sbin]
  --libexecdir=DIR       program executables
[EPREFIX/libexec]
  --datadir=DIR          read-only
architecture-independent data [PREFIX/share]
  --sysconfdir=DIR       read-only



=== message truncated === 

________________________________________________________________________
Yahoo! India Matrimony: Find your life partner online
Go to: http://yahoo.shaadi.com/india-matrimony


-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: