[Snort-users] data collected

Greg Sarsons gsarsons at ...530...
Mon Oct 22 07:24:06 EDT 2001

I've used snort to sniff traffic on a WAN.  In a day or two I will be
starting to look at the huge binary data captures.  Initially I was
going to write some perl scripts to parse the playback of the data piped
from snort.   

However, I'm thinking that I should just replay with snort and log to
mysql.  Then I can do the analysis I want.  Guess I should even add the
snortdb-extra.gz as well.

Is there any benefit right now of using the latest CVS to do this vice
the released version?

Any thoughts or comments welcome.


