Snort mailing list archives

Showing dump of only matched paquets.

From: Gustavo Guillermo Perez <gustavo () compunauta com>
Date: Sat, 19 Mar 2011 17:27:28 -0600

Hello dear list, I'm trying to setup snort to make a little sniffer, and I 
need something like -dv but only with the rules matched not wit all the 
paquets.

The rules works so fine and logs into the log file excellent and I can read 
the log with -dv -r /var/log/snort/snort.logxxxx wit only matched packets but 
not in realtime, there is any way to do this in realtime?, it means to show 
the HEX output with all info but only with mached packets?

Best regards in advance.
-- 
Gustavo Guillermo Perez
http://www.compunauta.com
http://www.compunauta.net
http://anuncios.compunauta.net

------------------------------------------------------------------------------
Colocation vs. Managed Hosting
A question and answer guide to determining the best fit
for your organization - today and in the future.
http://p.sf.net/sfu/internap-sfd2d
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

Showing dump of only matched paquets. Gustavo Guillermo Perez (Mar 19)
- Re: Showing dump of only matched paquets. ab1197590 () gmail com (Mar 22)
  - Re: Showing dump of only matched paquets. Russ Combs (Mar 22)
    - Re: Showing dump of only matched paquets. Gustavo Guillermo Perez (Mar 22)
    - Re: Showing dump of only matched paquets. Gustavo Guillermo Perez (Mar 22)
  - Re: Showing dump of only matched paquets. Gustavo Guillermo Perez (Mar 22)
    - Re: Showing dump of only matched paquets. Russ Combs (Mar 22)
    - Re: Showing dump of only matched paquets. ab1197590 () gmail com (Mar 22)
    - Re: Showing dump of only matched paquets. Russ Combs (Mar 22)