[Snort-devel] Fwd: Snort Alerts in Unix Sockets

Ed Borgoyn (eborgoyn) eborgoyn at ...3461...
Wed Feb 17 08:09:31 EST 2016


Please look at src/output-plugins/spo_alert_unixsock.h


From: Nauman Ahmad <nauman.ahmad at ...3638...>
Date: Wednesday, February 17, 2016 at 12:46 AM
To: "snort-devel at lists.sourceforge.net" <snort-devel at lists.sourceforge.net>
Subject: [Snort-devel] Fwd: Snort Alerts in Unix Sockets

I have configured Snort to log alerts to a Unix socket and they are successfully being logged. However, the issue is that I have used the code from 'README.UNSOCK' to read from the Unix socket and access its members. By compiling it with all required libraries included I have removed all linking-related errors during compilation, but I am getting an error that the structure 'Alertpkt' is not defined, which means it cannot be accessed even when Snort.h is included. Kindly help me in this regard, as the provided example has an 'Alertpkt' variable defined. I am using the latest source code during compilation. If you can provide me the structure of 'Alertpkt' it will help me in accessing the information contained.
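Editor's note (not part of either message above): the two things that usually go wrong when consuming alert_unixsock datagrams are a struct layout that does not match the sender's build (so sizeof(Alertpkt) differs and every field is misread) and an alertmsg[] that is treated as a NUL-terminated string when it need not be. The reader below is an added example, not Snort's code and not the README.UNSOCK program. Its Alertpkt, PktHdr32, SNAPLEN and the default socket path /dev/snort_alert are assumptions standing in for the real definitions; replace them with the ones from src/output-plugins/spo_alert_unixsock.h of the Snort build that emits the alerts. The point it demonstrates is validating the datagram length against sizeof(Alertpkt) before touching any member, and bounding the message copy.

```c
/* Added example, not Snort's code. The Alertpkt layout here is an
 * ASSUMED stand-in: take the real one from
 * src/output-plugins/spo_alert_unixsock.h of the sending Snort build,
 * otherwise sizeof(Alertpkt) will not match and every field misreads. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <unistd.h>

#define ALERTMSG_LENGTH 256
#define SNAPLEN 1514                    /* assumed; must match Snort's build */

typedef struct {                        /* assumed 32-bit pcap-style header */
    uint32_t ts_sec;
    uint32_t ts_usec;
    uint32_t caplen;                    /* bytes actually captured into pkt */
    uint32_t pktlen;                    /* original length on the wire */
} PktHdr32;

typedef struct {                        /* assumed layout, see note above */
    uint8_t  alertmsg[ALERTMSG_LENGTH]; /* rule message, may lack a NUL */
    PktHdr32 pkth;
    uint32_t dlthdr, nethdr, transhdr, data; /* header offsets into pkt */
    uint32_t val;                       /* validity flags */
    uint8_t  pkt[SNAPLEN];              /* raw packet bytes */
} Alertpkt;

/* Validate one datagram and copy its message out NUL-terminated.
 * Returns 0 on success, -1 if the datagram cannot be a whole Alertpkt
 * from a sender built with this layout, or carries a bogus caplen. */
int parse_alert(const uint8_t *buf, size_t len, char *msg, size_t msglen)
{
    Alertpkt a;
    const void *nul;
    size_t n;

    if (len != sizeof(Alertpkt) || msglen == 0)
        return -1;                      /* size mismatch: wrong struct or build */
    memcpy(&a, buf, sizeof a);          /* copy out: no unaligned access */

    /* alertmsg is not guaranteed to be NUL-terminated: bound the scan. */
    nul = memchr(a.alertmsg, '\0', ALERTMSG_LENGTH);
    n = nul ? (size_t)((const uint8_t *)nul - a.alertmsg) : ALERTMSG_LENGTH;
    if (n >= msglen)
        n = msglen - 1;
    memcpy(msg, a.alertmsg, n);
    msg[n] = '\0';

    /* caplen must fit in pkt before anyone indexes pkt[0..caplen). */
    if (a.pkth.caplen > SNAPLEN)
        return -1;
    return 0;
}

/* Bind a datagram socket at path and print alerts until recv fails.
 * Snort's default path is assumed to be /dev/snort_alert. */
int run_reader(const char *path)
{
    struct sockaddr_un addr;
    uint8_t buf[sizeof(Alertpkt) + 1];  /* +1 so oversized datagrams are caught */
    char msg[ALERTMSG_LENGTH + 1];
    int fd = socket(AF_UNIX, SOCK_DGRAM, 0);

    if (fd < 0)
        return -1;
    memset(&addr, 0, sizeof addr);
    addr.sun_family = AF_UNIX;
    strncpy(addr.sun_path, path, sizeof(addr.sun_path) - 1);
    unlink(path);                       /* Snort connects to our bound path */
    if (bind(fd, (struct sockaddr *)&addr, sizeof addr) < 0) {
        close(fd);
        return -1;
    }
    for (;;) {
        ssize_t got = recv(fd, buf, sizeof buf, 0);
        if (got < 0)
            break;
        if (parse_alert(buf, (size_t)got, msg, sizeof msg) == 0)
            printf("alert: %s\n", msg);
        else
            fprintf(stderr, "dropped %zd-byte datagram (expected %zu)\n",
                    got, sizeof(Alertpkt));
    }
    close(fd);
    return 0;
}

int main(int argc, char **argv)
{
    return run_reader(argc > 1 ? argv[1] : "/dev/snort_alert");
}
```

If parse_alert rejects every datagram with a size mismatch, the struct in your reader does not match the one Snort was compiled with (different SNAPLEN, a changed Event struct, or 32- versus 64-bit time fields are the usual reasons); compare sizeof(Alertpkt) in both builds before looking anywhere else.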

