[Snort-users] snort_stat.pl

Roeland Weve roeland at ...1415...
Thu Jun 14 09:46:16 EDT 2001


Just one minute ago the author (Yen-Ming Chen) mailed me that this
problem is fixed!
Great work of course!
The version right now is and it works right now.


> Also sprach Roeland Weve (roeland at ...1415...):
> > I am trying to use snort_stat.pl, but I can't get any output ...
> Only the very latest snort_stat.pl will handle (read: ignore) the line
> that has the Classifications and Priorities.  Make sure that you
> download that verson from wherever it lives (there's a link from
> www.snort.org).  I think the latest version is
> Two other points about snort_stat.pl and version 1.8 rules:
> 1)  If you use -y for outputting year, make sure you adjust the script
> accordingly, or it will get very confused.  The pattern match only looks
> for month/day.
> 2)  It can not handle the new format (from CVS) alert line of:
> [**] [1:718:1] TELNET - login incorrect [**]
> I changed log.c to make this go away rather than deal with the regexp in
> the perl (hate regexp).
> Scott.

Netland Internet Services
bedrijfsmatige internetoplossingen

http://www.netland.nl   Kruislaan 419              1098 VA Amsterdam
info: 020-5628282       servicedesk: 020-5628280   fax: 020-5628281

More information about the Snort-users mailing list