[Snort-users] Snort deamon mode packet drop's statistic

Thomas Reisinger reisinger at ...10732...
Thu Dec 11 02:58:02 EST 2003


Are there any plans to merge FLoP with the snort project?


_______________________________________________________
BARACUDA Datentechnik GmbH
Ing. Thomas Reisinger
System Engineer CCIE No. 9283 - Prokurist

Telefon: +43(0)7229/79216-27 	Wachtelstr. 19b 
Telefax: +43(0)7229/79216-11 	A-4053 Haid 
Mobil: 	+43(0)650/7921632	Austria
reisinger at ...10732... 		http://www.baracuda.at
_______________________________________________________


-----Original Message-----
From: Dirk Geschke [mailto:Dirk_Geschke at ...1344...] 
Sent: Thursday, December 11, 2003 11:05 AM
To: Thomas Reisinger
Cc: Dirk Geschke; snort-users at lists.sourceforge.net;
Dirk_Geschke at ...1344...
Subject: Re: [Snort-users] Snort deamon mode packet drop's statistic 

Hi Thomas,

> I'm using snort (RH) with MySQL/ACID and didn't use the syslog. Is it
> possible to send/query the snort statistic via SNMP or as HTML output
> (periodical)?

I implemented one possibility to dump the statistics
on a periodical basis to an unix socket. A perl script
(or somesthing else) is able to read these information
and feed them in a RRD database. This is part of the
Fast Logging Project - FLoP. You can find it at

  http://www.geschke-online.de/FLoP

For the statistics take a look at:

  http://www.geschke-online.de/doc/c89.html#AEN104

But the RRD database is still kept on the sensor...

Best regards

Dirk
--
+-------------------------------------------------------------+
| Dr. Dirk Geschke            | E-mail: geschke at ...1344...      |
| Gesellschaft fuer Netzwerk  | Tel.  : +49-(0)-89-991950-131 |
| und Unix Administration mbH | Fax   : +49-(0)-89-991950-999 |
| 85551 Kirchheim / Germany   | Domagkstrasse 7               |
+-------------------------------------------------------------+






More information about the Snort-users mailing list