[Snort-devel] Reporting packet number

Bhagya Bantwal (bbantwal) bbantwal at ...3461...
Wed May 21 20:21:18 EDT 2014


You can use the option –A console:test (which outputs the packet number along with the alert to console) or use –A alert to log to a file.

Thanks!
From: Beenish Raza <beenish.raza at ...445...<mailto:beenish.raza at ...445...>>
Date: Wednesday, May 21, 2014 6:09 PM
To: "snort-devel at lists.sourceforge.net<mailto:snort-devel at ...362....net>" <snort-devel at lists.sourceforge.net<mailto:snort-devel at ...2763...rge.net>>
Subject: [Snort-devel] Reporting packet number

I am matching a set of regular expressions against a large pcap file. I want snort to report the original packet number (like 10th packet of the pcap file reported match) as well when it gives alerts. What command I need to use to do this?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-devel/attachments/20140522/f92c5042/attachment.html>


More information about the Snort-devel mailing list