[Snort-devel] unified2 output format: binary format description/documentation

Jason Brvenik jasonb at ...402...
Tue May 27 11:43:20 EDT 2008


unified2 is documented in code and not all that difficult to figure out. 
  I don't know what your needs are but I've implemented partial unified2 
support in SnortUnified.pm - http://code.google.com/p/snort-unified-perl/



Philippe Strauss wrote:
> Hello snort developper,
> 
> Is the unified2 output format properly documented somewhere? I may be
> interested to write a data processor for it but I'm scarce on time,
> depending how difficult it is to get relevant information, I may resort
> to simpler solutions (like barnyard).
> 
> regards.
> 
> --
> philou
> 
> -------------------------------------------------------------------------
> This SF.net email is sponsored by: Microsoft
> Defy all challenges. Microsoft(R) Visual Studio 2008.
> http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
> _______________________________________________
> Snort-devel mailing list
> Snort-devel at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/snort-devel
> 




More information about the Snort-devel mailing list