[Snort-users] script to import XML output to DB

Chris Green cmg at ...671...
Wed Apr 4 00:10:00 EDT 2001

"O'Boyle, Todd" <OboyleT at ...1732...> writes:

> Has anyone done any work on importing the SNML XML Snort output and storing
> it in a database?  I'd like to fetch in short intervals (30 minutes) from
> the sensors and then import them into a database on a beefy server.

If you're just going to use the same type of schema as the
spo_database stuff supports, it's pretty simple to process the snort
binary files again with the -b on the sensor and -r options on the
beefy server to import them into a Db.

There are no XML-based processing tools for snort AFAIK.
Chris Green <cmg at ...671...>
