[Snort-users] snortsnarf problems

Perrymon, Josh L. PerrymonJ at ...8353...
Wed Nov 12 14:10:12 EST 2003




> I'm running snort and logging to my apache directory
> /usr/local/www/data-dist/snort
> 
> I'm running passing the following command line options-
> 
> snortsnarf /usr/local/www/data-dist/snort -d /usr/local/www/data-dist
> 
> And I get the error messages below...
> 
> Any ideas?????
> 
> 
> 
> snortsnarf /usr/local/www/data-dist/snort -d /usr/local/www/data-dist
> unknown alert format for line: { at
> /usr/local/libdata/snortsnarf//SnortSnarf/SnortFileInput.pm line 322,
> <inputfile001> chunk 1.
> unknown alert format for line: index.html at
> /usr/local/libdata/snortsnarf//SnortSnarf/SnortFileInput.pm line 322,
> <inputfile001> chunk 2.
> unknown alert format for line: 10.1.26.27 at
> /usr/local/libdata/snortsnarf//SnortSnarf/SnortFileInput.pm line 322,
> <inputfile001> chunk 3.
> unknown alert format for line: 10.1.26.67 at
> /usr/local/libdata/snortsnarf//SnortSnarf/SnortFileInput.pm line 322,
> <inputfile001> chunk 4.
> unknown alert format for line:
>  at /usr/local/libdata/snortsnarf//SnortSnarf/SnortFileInput.pm line 322,
> <inputfile001> chunk 5.
> unknown alert format for line:  at
> /usr/local/libdata/snortsnarf//SnortSnarf/SnortFileInput.pm line 322,
> <inputfile001> chunk 6.
> unknown alert format for line:  at
> /usr/local/libdata/snortsnarf//SnortSnarf/SnortFileInput.pm line 322,
> <inputfile001> chunk 7.                              at
> /usr/local/libdata/snortsnarf//SnortSnarf/SnortFileInput.pm line 322,
> <inputfile001> chunk 8.known alert format for line:
> unknown alert format for line: 138.32.4.5 at
> /usr/local/libdata/snortsnarf//SnortSnarf/SnortFileInput.pm line 322,
> <inputfile001> chunk 9.
> 
> Joshua Perrymon
> Sr. Network Security Consultant
> BE&K Information Security Dept.
> 2000 International Park Drive
> Birmingham, Al 35243
> Voice ( 205 ) 972-6745
> 
> 




More information about the Snort-users mailing list