[Snort-users] OT(Sorta): Querying acid/snort db from third party software

Jason snort-users at ...2977...
Tue May 27 08:16:02 EDT 2003


Sorry for the most likely offtopic post, but the acid list does not appear
to see to much traffic.

I am currently testing a third party application that pulls in data from
many different sources and then presents the coralated <spelling?> to the
user.  It currently takes in snort data via syslog and there agent,
however it does not include the payload data.  There is the option to call
external applications, which is what I am planning on doing. I was unable
to find any info on supplying arguments directly to the acid_qry_main.php
to call the search directly from the command line (using lynx in this case
for now) ie: 'lynx http://acid.blah.com/acid_qry_main.php?<some argument
to supply an IP, or a port, or whatever>'

Otherwise I will have to go the custom script route.. and my scripting
abilities are well... horrible. (currently using pgsql as backend in case
someone else has a query script I could use) :)




More information about the Snort-users mailing list