Snort mailing list archives

Re: AW: AW: snort filter

From: Erek Adams <erek () theadamsfamily net>
Date: Wed, 26 Sep 2001 14:26:43 -0700 (PDT)

On Wed, 26 Sep 2001, Eduard Meiler wrote:

doing this I get an error:

Reading network traffic from xxxxx-snort.log file
ERROR-> unable to open file xxxxx-snort.log for readback : archaic file
format
Fatal Error Quitting

any ideas ???


If have these two lines enabled in your config:

 output alert_unified: snort.alert
 output log_unified: snort.log

You'll need to use Barnyard to read and parse the data.  Barnyard is at
http://www.snort.org/downloads.html#1.25 .

If you're not using that, then you may have a corrupt file or something...  :(

-----
Erek Adams
Nifty-Type-Guy
TheAdamsFamily.Net


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

snort filter Eduard Meiler (Sep 26)
- Re: snort filter Erek Adams (Sep 26)
  - AW: snort filter Eduard Meiler (Sep 26)
    - Re: AW: snort filter Erek Adams (Sep 26)
    - AW: AW: snort filter Eduard Meiler (Sep 26)
    - Re: AW: AW: snort filter Erek Adams (Sep 26)