[Snort-users] Snort &postgresql (possibly stupid question department)

roman at ...438... roman at ...438...
Sun Nov 18 18:11:03 EST 2001


Take a look at Question #E-1 of the ACID FAQ:

http://acidlab.sourceforge.net/acid_faq.html

Roman

On Mon, 22 Oct 2001, Mark Forsyth wrote:

>
> Hiya,
>      Maybe I've lost the plot completely but.. Snort stores IP addresses (
> Ip_src & ip_dst ) in the iphdr table as a bigint so a select of that table
> returns ...:-
>
>
> snort=# select ip_src,ip_dst from iphdr;
>    ip_src   |   ip_dst
> ------------+------------
>  3587915298 | 3416531087
>  3507146690 | 3416531087
>  3507159138 | 3416531087
>
> My question is how to do the conversion to the IPv4 (xxx.xxx.xxx.xxx)
> format ? Presumably I'm missing something obvious, in fact so obvious that
> I haven't a hope of seeing it ??
>
> I used the script supplied in snort-1.8.1-RELEASE to create the database.
> (snort-1.8.1-RELEASE/contrib/create_postgresql)
> 
> TIA
> Mark F...



---------------------------------------------
This message was sent using Voicenet WebMail.
      http://www.voicenet.com/webmail/






More information about the Snort-users mailing list