[Snort-users] upgraded some tools (snortplot)
bmc at ...950...
Sun Oct 28 11:46:03 EST 2001
According to Angelos Karageorgiou:
> Well the syslog version is really tough to apply a regex onto it
> to normalize the output, Expect that some of the scripts will be broken
> It is not so much a snort problem more like a problem of the people who
> write the rules, they do not have a consistent logging scheme for the
> errors they display. So sometimes you have warings in square brackets
> other times two warnings in square brackets etc.
What do you mean? Can you give some examples? If it isn't done in a
standard way, it can probably be changed.
In life, the wanting is always better than the getting... except maybe sex.
More information about the Snort-users