Snort mailing list archives
Re: snort.stats analysis
From: JJ Cummings <cummingsj () gmail com>
Date: Mon, 16 Jul 2012 20:57:46 -0600
Glad to see some traffic, I'll gladly update the pigdoktah if you see flaws or have some ideas to add.... It has been unchanged largely because the data that it reads is fairly static in design and it's purpose fairly singular :) Sent from the iRoad On Jul 16, 2012, at 20:43, waldo kitty <wkitty42 () windstream net> wrote:
On 7/16/2012 18:23, Castle, Shane wrote:I'm afraid that I do not believe the stats produced. I need some verification that it is not lying to me. For instance, it appears that in some cases zero values are thrown out rather than going into average calculations: the loss percentage is seen as 0.000 in many lines of the snort.stats file but the minimum reported when -d is requested is greater than zero.following up on this again but for this specific point: my stats file has a specific CSV extension so that xfering it between machines results in the same processing... CSV files are spreadsheet files in my small environment... but i've not had the time to work out graphs and averages on the sheet(s) i've imported... the base prognosis is that it works with simple formulas but, again, i've not tried it... i can easily do so, when i find the time, and save off the log to compare with later... time is the problem :/ ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- snort.stats analysis Castle, Shane (Jul 16)
- Re: snort.stats analysis Joel Esler (Jul 16)
- Re: snort.stats analysis waldo kitty (Jul 16)
- Re: snort.stats analysis waldo kitty (Jul 16)
- Re: snort.stats analysis Castle, Shane (Jul 16)
- Re: snort.stats analysis waldo kitty (Jul 16)
- Re: snort.stats analysis waldo kitty (Jul 16)
- Re: snort.stats analysis JJ Cummings (Jul 16)
- Re: snort.stats analysis Joel Esler (Jul 16)