[Snort-users] Obtain CVE id from unix sock output of Snort

Brian bmc at ...950...
Tue Feb 3 13:47:16 EST 2004


On Tue, Feb 03, 2004 at 11:32:34AM +0100, Matteo wrote:
> Hello all,
> I'm writing a little prog that read the data from the snort unisx dom 
> socket and I need to retrieve, if it's presente, the cve code from 
> the reference of the alert.

Parse sid-msg.map, and grab the references from there.

-brian




More information about the Snort-users mailing list