Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Filename in alert_CSV

From: "Parker, Jonathan E." <jep () g-c-i net>
Date: Thu, 13 Jun 2013 20:24:44 +0000
I am processing multiple .pcap files using the --pcap-dir option, and have my snort.conf setup to put alerts in a csv 
file using alert_CSV.  After processing with Snort I load the results into a MySQL database.  I want to include the 
filename of the pertinent .pcap for each alert, but there does not seem to be an option for that for the csv output 
module.  Can anyone suggest a way to do this?

Thanks in advance - Jon

------------------------------------------------------------------------------
This SF.net email is sponsored by Windows:

Build for Windows Store.

http://p.sf.net/sfu/windows-dev2dev
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Previous By Date Next
Previous By Thread Next

Current thread: