[Snort-users] output snort alerts to acid

cr32111 at ...2303... cr32111 at ...2303...
Wed Sep 4 09:17:21 EDT 2002


I have a lot of old snort alert and portscan files files from an other sensor. On this moment, I have a acid database to analyse the data.

I was wondering, is it possible to re-process my old alert files so that snort pushes these alerts into the database again. I know that this is possible when you have the binary tcpdump files, but I don't have those.

Does anybody have any suggestions on this?

Thanks a lot.



More information about the Snort-users mailing list