[Snort-users] "Saving State" in Snort

Michael L. Artz dragon at ...8731...
Tue Apr 1 15:27:07 EST 2003


Chris Green wrote:

>Finally a use for reading in off stdin
>
>(for i in *.cap.gz| do gzip -dc $i; done) | snort -r -  <args>
>
I always forget about that crazy command line.  Thanks!

How would you solve the "between dvd" sessions?  A perl script dumping 
to a snort pipe is pretty easy, but is there a better way?

-Mike













More information about the Snort-users mailing list