Snort mailing list archives
Snort_Stat.pl and Full Alerts
From: Erek Adams <erek () theadamsfamily net>
Date: Tue, 5 Jun 2001 11:13:58 -0700 (PDT)
I've got to stop working... I can't keep up with all the new features/revisions! ;-) Ok, for the real isssue.... I'm running 1.7b8 in production and I really would like to move to a nice stable 1.8b?? version. We're currently using Snort_Stat.pl to give mgmt a nice little who did what report. In trying to improve speed, we're ditching our sysloging. I grabbed the newest copy of Snort_Stat.pl (1.6.6.1) and tried to point it at alert.full, but it does not seem to like it at all. Does anyone use it with the FULL output format? If so, what magic did you work on it? If not, I'll be hacking into it later. :) ----- Erek Adams Nifty-Type-Guy TheAdamsFamily.Net _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Snort_Stat.pl and Full Alerts Erek Adams (Jun 05)