[Snort-devel] PATCH: Snort log in pcap format to stdout

Dirk Geschke Dirk at ...972...
Thu Jun 12 11:37:09 EDT 2003


Hi Nick,

On Wed, 2003-06-11 at 01:52, Nick Austin wrote:
> Hello all, I have produced a 1 liner patch to enable you to log tcpdump 
> format data to STDOUT. I needed a way to send the data to another program 
> for post processing, I'm basically using snort as a layer 7 filter and 
> passing the data to Argus to do real time flow analysis on it.
> 
> I'm not sure if anybody else thinks this is a good idea, or if there is a 
> way to accomplish this without patching snort.

usually you can write to the special file /dev/stdout to print the data
on stdout instead of a real file.

Best regards

Dirk Geschke







More information about the Snort-devel mailing list