Snort mailing list archives
RE: Converting ASCII logs to Unified Format
From: "Esler, Joel CNTR/Sytex" <joel.esler () rcert-s army mil>
Date: Mon, 14 Mar 2005 11:24:30 -0500
So, I am guessing that you can an alert file you want to convert?

On Mon, 2005-03-14 at 08:19 -0800, Jim O'Leary wrote:
I should clarify that I was given the Snort log files from an external source, not from my own Snort.conf. I need to convert these text files into unified so Barnyard can stick them into MySQL.

-----Original Message-----
From: Esler, Joel CNTR/Sytex [mailto:joel.esler@rcert-s.army.mil]
Sent: Monday, March 14, 2005 8:16 AM
To: Jim O'Leary
Cc: snort-users () lists sourceforge net
Subject: Re: [Snort-users] Converting ASCII logs to Unified Format

Unified format is completely different from the ASCII log. I would double check your Snort.conf settings.

J

On Sat, 2005-03-12 at 22:03 -0800, Jim O'Leary wrote:
> I have Snort set up so that it outputs logs and alerts to
> the binary "unified" format. I also have barnyard set up so
> that it reads those binary files and sticks them into a
> MySQL database.
>
> The problem is, I've been given a group of Snort output
> files that are in the ASCII format. How do I convert these
> files to "unified" so I can get barnyard to stick them into
> MySQL?
>
> Thanks

-- Esler, Joel CNTR/Sytex <joel.esler () rcert-s army mil>
-- Esler, Joel CNTR/Sytex <joel.esler () rcert-s army mil>