[Snort-users] DShield logs from Snort logs?
mark.rowlands at ...752...
Tue Aug 27 06:57:07 EDT 2002
On Mon August 26 2002 20:59, Harald Finnaas wrote:
> Just wondering if anyone has scripts that can process the Snort logs and
> generate the kind of logs DShield wants? From what I've figured out the
> DShield Snort scripts read only syslog format.?
snort logs in many ways, it's mysteries to perform ;-)
All depends on your snort.conf / cmdine options but the portscan and
snort 1.8 alert scripts in the framework client
should mostly work, you may have to do a little hacking about but it is pretty
If you are using ACID then I have a script (ugly) that can pull from that.
More information about the Snort-users