Re: Extracting ip address

[waldo kitty <wkitty42 () windstream net>]

On 4/17/2013 05:22, Lloyd wrote:
> open the log file in wireshark, you can see the ip address.

if the files in question are snort.log.xxxxxxxxxxxxxx type, then this would work 
since they are actually pcap files and not ascii text files as most log files are ;)

i don't find the original post here so i can go back to it but i have to wonder 
exactly what log files the OP is speaking of... there's also the default alert 
file which is plain ascii text and human readable as well as esaily parsed with 
perl and other text manipulating tools :)

> On Wed, Apr 17, 2013 at 12:02 PM, Prathibha P G <prathibhapg () gmail com
> <mailto:prathibhapg () gmail com>> wrote:
>
>     How to extract source ip address and estination ip address from snort log
>     files.kindly help me

-- 
NOTE: No off-list assistance is given without prior approval.
       Please keep mailing list traffic on the list unless
       private contact is specifically requested and granted.

------------------------------------------------------------------------------
Precog is a next-generation analytics platform capable of advanced
analytics on semi-structured data. The platform includes APIs for building
apps and a phenomenal toolset for data science. Developers can use
our toolset for easy data analysis & visualization. Get a free account!
http://www2.precog.com/precogplatform/slashdotnewsletter
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!