Scott A. McIntyre
scott at ...1050...
Thu Jun 14 09:06:50 EDT 2001
Also sprach Roeland Weve (roeland at ...1415...):
> I am trying to use snort_stat.pl, but I can't get any output ...
Only the very latest snort_stat.pl will handle (read: ignore) the line
that has the Classifications and Priorities. Make sure that you
download that verson from wherever it lives (there's a link from
www.snort.org). I think the latest version is 188.8.131.52
Two other points about snort_stat.pl and version 1.8 rules:
1) If you use -y for outputting year, make sure you adjust the script
accordingly, or it will get very confused. The pattern match only looks
2) It can not handle the new format (from CVS) alert line of:
[**] [1:718:1] TELNET - login incorrect [**]
I changed log.c to make this go away rather than deal with the regexp in
the perl (hate regexp).
More information about the Snort-users