Snort mailing list archives
RE: Converting ASCII logs to Unified Format
From: "Jim O'Leary" <j_oleary_langara () yahoo ca>
Date: Mon, 14 Mar 2005 08:19:21 -0800
I should clarify that I was given the Snort log files from an external source, not from my own Snort.conf. I need to convert these text files into unified so Barnyard can stick them into MySQL.

-----Original Message-----
From: Esler, Joel CNTR/Sytex [mailto:joel.esler () rcert-s army mil]
Sent: Monday, March 14, 2005 8:16 AM
To: Jim O'Leary
Cc: snort-users () lists sourceforge net
Subject: Re: [Snort-users] Converting ASCII logs to Unified Format

Unified format is completely different from the ASCII log. I would double check your Snort.conf settings.

J

On Sat, 2005-03-12 at 22:03 -0800, Jim O'Leary wrote:
> I have Snort set up so that it outputs logs and alerts to the binary "unified" format. I also have barnyard set up so that it reads those binary files and sticks them into a MySQL database.
>
> The problem is, I've been given a group of Snort output files that are in the ASCII format. How do I convert these files to "unified" so I can get barnyard to stick them into MySQL?
>
> Thanks

--
Esler, Joel CNTR/Sytex <joel.esler () rcert-s army mil>
Current thread:
- Converting ASCII logs to Unified Format Jim O'Leary (Mar 12)
- Re: Converting ASCII logs to Unified Format Esler, Joel CNTR/Sytex (Mar 14)
- RE: Converting ASCII logs to Unified Format Jim O'Leary (Mar 14)
- RE: Converting ASCII logs to Unified Format Esler, Joel CNTR/Sytex (Mar 14)
- RE: Converting ASCII logs to Unified Format Jim O'Leary (Mar 14)
- RE: Converting ASCII logs to Unified Format Esler, Joel CNTR/Sytex (Mar 14)
- RE: Converting ASCII logs to Unified Format Jim O'Leary (Mar 14)
- Re: Converting ASCII logs to Unified Format Esler, Joel CNTR/Sytex (Mar 14)