[Snort-users] script to feed snort log directory data into acid

skeller1 at ...2070...
Mon May 21 10:06:40 EDT 2001


Hi there,

Does anyone have a (Perl?) script to feed the snort log data
stored in a directory (-l .) into the mysql database used by acid?

That is, a script that puts things like this:

[**] ids 4711 - SNMP access, public [**]
05/21-13:28:20.921901 0:50:F:5:26:0 -> 0:30:80:44:43:80 type:0x800 len:0x68
45.29.229.295:1157 -> 45.29.229.135:161 UDP TTL:126 TOS:0x0 ID:61327
Len: 70
32 85 10 3B 02 11 00 00 16 71 05 42 3C 39 61 B0  0..:.....public.
8A A0 2A AA 01 20 E8 16 22 11 10 0B 21 11 33 22  ..+..$........0.
10 2C 33 0D 16 07 11 06 11 22 11 11 11 01 15 10  ..0...+.........
31 0B A6 18 23 04 11 22 11 0A 21 12 32 0A        0...+.........

into the database..?

Would be nice to consolidate data from different platforms.

Regards

Stefan
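
Added example, not part of the original post: a Python parser for the alert record layout quoted above, storing each record through bound parameters. SQLite (standing in for the MySQL database) and the `alerts` table are assumptions and not the ACID schema; the sample addresses and payload are constructed.

```python
import re
import sqlite3

# Constructed sample modelled on the record quoted in the post (documentation-range addresses).
SAMPLE = """\
[**] ids 4711 - SNMP access, public [**]
05/21-13:28:20.921901 0:50:F:5:26:0 -> 0:30:80:44:43:80 type:0x800 len:0x68
192.0.2.10:1157 -> 192.0.2.135:161 UDP TTL:126 TOS:0x0 ID:61327
Len: 14
30 0C 02 01 00 04 06 70 75 62 6C 69 63 A0  0......public.

[**] constructed ping alert [**]
05/21-13:29:01.000001 0:50:F:5:26:0 -> 0:30:80:44:43:80 type:0x800 len:0x4A
192.0.2.10 -> 192.0.2.135 ICMP TTL:126 TOS:0x0 ID:61328
"""

MSG = re.compile(r"^\[\*\*\] (.*) \[\*\*\]$")
TIME = re.compile(r"^(\d\d/\d\d-\d\d:\d\d:\d\d\.\d+) ")
IP = re.compile(r"^([\d.]+)(?::(\d+))? -> ([\d.]+)(?::(\d+))? (\w+) TTL:(\d+)")
HEX = re.compile(r"^(?:[0-9A-F]{2} )+")

def parse_alerts(text):
    """Return one dict per '[**] ... [**]' record in a Snort alert log."""
    records = []
    for line in text.splitlines():
        if m := MSG.match(line):
            records.append({"msg": m.group(1), "ts": None, "src": None, "sport": None,
                "dst": None, "dport": None, "proto": None, "ttl": None, "payload": b""})
        elif not records:
            continue  # ignore anything before the first record header
        elif m := TIME.match(line):
            records[-1]["ts"] = m.group(1)
        elif m := IP.match(line):
            src, sport, dst, dport, proto, ttl = m.groups()
            records[-1].update(src=src, sport=sport and int(sport), dst=dst,
                dport=dport and int(dport), proto=proto, ttl=int(ttl))  # ICMP: no ports
        elif m := HEX.match(line):
            records[-1]["payload"] += bytes.fromhex(m.group(0))  # hex column only
    return records

def store(conn, records):
    """Insert into a hypothetical 'alerts' table (an assumption, not the ACID schema)."""
    conn.execute("CREATE TABLE IF NOT EXISTS alerts (msg TEXT, ts TEXT, src TEXT,"
                 " sport INTEGER, dst TEXT, dport INTEGER, proto TEXT, ttl INTEGER, payload BLOB)")
    # Bound parameters only: alert text and payload bytes are attacker-influenced.
    conn.executemany("INSERT INTO alerts VALUES (:msg, :ts, :src, :sport, :dst, :dport,"
                     " :proto, :ttl, :payload)", records)
    conn.commit()
```

The logged timestamp carries no year, so it is stored as text; a loader that merges logs from several sensors would need to supply the year and a sensor identifier itself.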





