Snort mailing list archives

Re: snort.stats analysis

From: waldo kitty <wkitty42 () windstream net>
Date: Mon, 16 Jul 2012 22:35:46 -0400

On 7/16/2012 18:23, Castle, Shane wrote:

I'm afraid that I do not believe the stats produced. I need some verification that it is not lying to me. For 
instance, it appears that in some cases zero values are thrown out rather than going into average calculations: the 
loss percentage is seen as 0.000 in many lines of the snort.stats file but the minimum reported when -d is requested 
is greater than zero.

Also, it croaks with "uninitialized value" or "Invalid data set" when non-standard output is requested ("-h" for 
example).


well... what i pulled is apparently version 0.0.1dev... i will give these 
problems a pass because i've done similar and thus... but for the time, it would 
seem that no one has found it or given it consideration..

what i saw initially with STDOUT was interesting... it makes sense but i need 
additional confirmation or debug output showing the process flow... level 9 i 
guess ;)

but, again, back to my previous comment about the revision level... have there 
been any more? how do i gather them? this one i pulled via browse of the SVN (or 
whatever) and copied'n'pasted it to a new script document... i might have pulled 
the base instead of what i saw as the 10th update... i dunno... i don't use 
these SVN type things :/


------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!

Current thread:

snort.stats analysis Castle, Shane (Jul 16)
- Re: snort.stats analysis Joel Esler (Jul 16)
  - Re: snort.stats analysis waldo kitty (Jul 16)
  - Re: snort.stats analysis waldo kitty (Jul 16)
    - Re: snort.stats analysis Castle, Shane (Jul 16)
    - Re: snort.stats analysis waldo kitty (Jul 16)
    - Re: snort.stats analysis waldo kitty (Jul 16)
    - Re: snort.stats analysis JJ Cummings (Jul 16)