Snort mailing list archives

snort + swatch + script wirting + waiting help

From: pearl carlo <pearlcarlo () yahoo com>
Date: Wed, 6 Jun 2007 12:59:13 -0700 (PDT)

Hi all

I am using  Snort and would like to use swatch so that when particular attack occurs  swatch runs that script. 

I need little  advice here .. i want my script to parse out the IP addresses from the same alert which is triggered by 
rule..

Any descriptive ideas will be helpful or if somebody has ready script shall be helpful to me before i spend lots of 
time to reinvent the wheel.

thanks a lot in advance and hope to get good response.

pearl
       
---------------------------------
Got a little couch potato? 
Check out fun summer activities for kids.

-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

snort + swatch + script wirting + waiting help pearl carlo (Jun 06)
- Re: snort + swatch + script wirting + waiting help Paul Melson (Jun 07)