[Snort-users] Snort and Ethereal

Alexandre Dulaunoy adulau-snort at ...1558...
Sat May 5 10:47:37 EDT 2001


You can make a rule to export in tcpdump format (read by ethereal)

 ruletype suspicious
            {
                type log
                output log_tcpdump: suspicious.log
            }

alx

On 5 May 2001, Sascha Ziemann wrote:

> Hi,
> 
> is there any way to tell Snort to write packets in a way that can be
> read by Ethereal?
> 
> bis sp�ter...
> Sascha
> 
> 





More information about the Snort-users mailing list