[Snort-users] DNS on Log Messsages?

Mike Koponick mike at ...7385...
Tue Jan 14 06:06:03 EST 2003


Hello,

I was wondering if there was a way to resolve IP addresses into names from
the SNORT.LOG file. That is, this is the log that SNORT outputs now:

01/13-18:39:12.868701 [**] [1:384:4] ICMP PING [**] [Classification: Misc
activity] [Priority: 3] {ICMP} 192.168.11.21 -> 192.168.11.2

I would like log to look something like:

01/13-18:39:12.868701 [**] [1:384:4] ICMP PING [**] [Classification: Misc
activity] [Priority: 3] {ICMP} 192.168.11.21 (MYPC.MYDOMAIN.COM)->
192.168.11.2 (THEREPC.MYDOMAIN.COM)

Thanks in advance!

Mike





More information about the Snort-users mailing list