[Snort-devel] PATCH: Snort log in pcap format to stdout
Dirk at ...972...
Thu Jun 12 11:37:09 EDT 2003
On Wed, 2003-06-11 at 01:52, Nick Austin wrote:
> Hello all, I have produced a 1 liner patch to enable you to log tcpdump
> format data to STDOUT. I needed a way to send the data to another program
> for post processing, I'm basically using snort as a layer 7 filter and
> passing the data to Argus to do real time flow analysis on it.
> I'm not sure if anybody else thinks this is a good idea, or if there is a
> way to accomplish this without patching snort.
usually you can write to the special file /dev/stdout to print the data
on stdout instead of a real file.
More information about the Snort-devel