Snort mailing list archives
Re: Log snort input pcap file along with alert
From: Bogdan Harjoc <harjoc () gmail com>
Date: Wed, 24 Jun 2015 20:05:54 +0300
Solved: --pcap-show and in config file: alert_full: stdout

Thanks,
Bogdan

On Wed, Jun 24, 2015 at 7:48 PM, Bogdan Harjoc <harjoc () gmail com> wrote:

> Hello,
>
> I'm feeding a list of pcap files to snort, and would like to see which pcap file triggered which alert. But snort alert and output modules all log to different files. Messages like "Acquiring network data from x.pcap" are hardcoded in the code to go to stderr, and snort reopens stderr to some file configurable in snort.conf. Meanwhile, none of the snort alert modules seem to be able to output to stderr.
>
> Is there really no way to associate the pcap file to a generated alert?
>
> Cheers,
> Bogdan
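Added example, not part of the original post and not Snort project code: with `--pcap-show` and `alert_full: stdout` both writing to one stream, a small parser can attribute each alert to the pcap file named by the most recent marker line. The marker wording in `PCAP_MARKER`, the function name and the sample text are assumptions; adjust the regex to what your Snort build actually prints.

```python
import re
import sys

# Assumption: form of the per-file line printed by --pcap-show; adjust if yours differs.
PCAP_MARKER = re.compile(r'^Reading network traffic from "(?P<path>[^"]+)"')
# First line of an alert_full record: [**] [gid:sid:rev] message [**]
ALERT_HEADER = re.compile(
    r'^\[\*\*\]\s+\[(\d+):(\d+):(\d+)\]\s+(.*?)\s+\[\*\*\]\s*$')

# Constructed sample of the interleaved stdout stream (not real capture output).
SAMPLE = '''\
Reading network traffic from "a.pcap" with snaplen = 1514
[**] [1:1000001:1] Constructed ICMP test rule [**]
[Priority: 0]
06/24-20:05:54.000001 192.0.2.1 -> 192.0.2.2
ICMP TTL:64 TOS:0x0 ID:1 IpLen:20 DgmLen:84

Reading network traffic from "b.pcap" with snaplen = 1514
Reading network traffic from "c.pcap" with snaplen = 1514
[**] [1:1000002:3] Constructed HTTP test rule [**]
[Priority: 0]
[**] [1:1000001:1] Constructed ICMP test rule [**]
[Priority: 0]
'''

def alerts_by_pcap(lines):
    """Map each pcap path to the (gid, sid, rev, msg) alerts that follow its marker."""
    current = None  # None collects alerts seen before any marker line
    result = {}
    for line in lines:
        line = line.rstrip("\r\n")
        marker = PCAP_MARKER.match(line)
        if marker:
            current = marker.group("path")
            result.setdefault(current, [])  # keep pcaps that raised no alert
            continue
        alert = ALERT_HEADER.match(line)
        if alert:
            gid, sid, rev, msg = alert.groups()
            result.setdefault(current, []).append(
                (int(gid), int(sid), int(rev), msg))
    return result

if __name__ == "__main__":
    # Pipe Snort's stdout in, or run with no input to use the constructed sample.
    source = sys.stdin if not sys.stdin.isatty() else SAMPLE.splitlines()
    for pcap, alerts in alerts_by_pcap(source).items():
        for gid, sid, rev, msg in alerts:
            print(f"{pcap}\t{gid}:{sid}:{rev}\t{msg}")
```

Alerts that appear before any marker line are grouped under the key `None`, which is a quick sign that the marker regex does not match your output.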