[Snort-devel] Problem with classification in unified output

BlackSteven johng at ...2752...
Wed Apr 27 02:31:23 EDT 2005


Hi everybody!
I've just been coding an snort output for about 3 days, so i am not very well documented but 
i am trying.
Does anyone know where i can find the binary format for the classification field in the event 
structure? I mean, i just dun know how is the classification coded there. Basically what i need 
is a conversion table between the binary format, and the actual classification in readeble 
format.
Ok thanx everybody

I DUNNO WH47 I W4N7 --> I DO |<NOW HOW 7O G37 I7!
WH3R3 TH¡N62 M4773R --> N07H¡N6 3L23 DO32!
               -->SPOOKITALL<--
               -->ROOTDWORLD<-- 




More information about the Snort-devel mailing list