[Snort-users] output in both ACII and binary format simultaneously

Fermín Galán Márquez fgalan at ...5188...
Fri Mar 8 10:39:41 EST 2002


Hello everyone.

It its possible with Snort to get output in both
ASCII (hierarchical directory structured) and
binary format (ie, -b or log_tcpdump)
simultaneously for the same rule (when I use
log_tcpdump in a custom rule, ASCII output
deactivates for this rule) ?

I need both outputs, but, for a matter of
performance, I would like to avoid post-processing
(ie, snort -r) of the binary log to re-generate
the ASCII tree.

Thanks in advance.

----------
Fermín





More information about the Snort-users mailing list