Re: snort.stats analysis

[waldo kitty <wkitty42 () windstream net>]

On 7/16/2012 18:23, Castle, Shane wrote:
> I'm afraid that I do not believe the stats produced. I need some verification that it is not lying to me. For 
> instance, it appears that in some cases zero values are thrown out rather than going into average calculations: the 
> loss percentage is seen as 0.000 in many lines of the snort.stats file but the minimum reported when -d is requested 
> is greater than zero.

following up on this again but for this specific point:

my stats file has a specific CSV extension so that xfering it between machines 
results in the same processing... CSV files are spreadsheet files in my small 
environment... but i've not had the time to work out graphs and averages on the 
sheet(s) i've imported... the base prognosis is that it works with simple 
formulas but, again, i've not tried it... i can easily do so, when i find the 
time, and save off the log to compare with later... time is the problem :/

------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!