[Snort-devel] Unified2 output format?

Richard Bejtlich taosecurity at ...2499...
Mon Mar 2 20:07:18 EST 2009


On Mon, Mar 2, 2009 at 6:09 PM, c0uchw4rrior <c0uchw4rrior at ...2499...> wrote:
> Hello,
>
> I've been looking into the Unified2 output format, specifically at
> implementing it for some software components that currently produce
> and consume Unified logs.
>

Hello,

For what it's worth, I looked at several options for Unified2 in this
Snort Report from last year:

http://searchsecuritychannel.techtarget.com/tip/0,289483,sid97_gci1339679,00.html

In addition to Jason's work, the SecurixLive.com guys have done a lot
of coding to implement Barnyard2 for Unified2 as well.

http://www.securixlive.com/barnyard2/index.php

I hadn't seen the Subukan project until now.  Thanks for the link.

Sincerely,

Richard



