[Snort-users] data collected
gsarsons at ...530...
Mon Oct 22 07:24:06 EDT 2001
I've used snort to sniff traffic on a WAN. In a day or two I will be
starting to look at the huge binary data captures. Initially I was
going to write some perl scripts to parse the playback of the data piped
However, I'm thinking that I should just replay with snort and log to
mysql. Then I can do the analysis I want. Guess I should even add the
snortdb-extra.gz as well.
Is there any benefit right now of using the latest CVS to do this vice
the released version?
Any thoughts or comments welcome.