Re: Getting Snort version as bash variable

[waldo kitty <wkitty42 () windstream net>]

On 8/4/2010 04:56, Rob MacGregor wrote:
> On Wed, Aug 4, 2010 at 06:37, CoryC<oakleeman () yahoo com>  wrote:
> > Last week someone wrote that they used a script to do automatic updates of Snort. I'm trying to do something similar 
> > but am having difficulty capturing the version number as a Bash variable. I can capture the whole version string&  
> > ascii art but can't figure out how to manipulate it to give me just the version number. I'm unable to echo the 
> > string into a text file either, it shows all the info on the screen.
> >
> > I was getting it from the snort.conf file but I didn't see it written in the latest version so I thought I'd get it 
> > from the -V method.
> >
> > I've google searched but might be using the wrong terms since I've not had much luck. Any advice would be 
> > appreciated.
>
> snort -V 2>&1 | egrep Version | sed "s/.*Version \([0-9\.]*\) .*/\1"

that's almost exactly what i do in perl... more specifically, lines 1, 4, and 7 
in the following perl snippet ;)

open(MY_INPUT,"/usr/bin/snort -V 2>&1 |");
while(MY_INPUT) {
   chomp;
   if (/Version\s+(.*)/i) {
     (${display_version}, ${sub1}, $sub2}) = split(/ /,$1);
     ${snortDLversion} = ${display_version};
     ${snortDLversion} =~ s/\.//g;
     ${display_version} .= " ${sub1} ${sub2}";
   }
}
close(MY_INPUT);
while (length(${snortDLversion}) < 4) {
   ${snortDLversion} .= '0';
}

> Should do the trick (caution, that wasn't a copy and paste, some minor
> tweaking may be required).  Basically, it redirects stderr to stdout,
> extracts only the line with the word Version in it and then extracts
> the field after the word Version, that consists only of numbers and
> dots.

yup... mine above extracts the field into three vars via splitting on the 
spaces... then we remove all the dots from the version portion...

> If Snort were to move to including letters in the version you'd
> want:
>
> snort -V 2>&1 | egrep Version | sed "s/.*Version //" | awk '{ print $1 }'
>
> Which does much the same, only it extracts the space delimited field
> after the word Version.

so many ways and so little time :P :)

------------------------------------------------------------------------------
The Palm PDK Hot Apps Program offers developers who use the
Plug-In Development Kit to bring their C/C++ apps to Palm for a share
of $1 Million in cash or HP Products. Visit us here for more details:
http://p.sf.net/sfu/dev2dev-palm
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users