[Snort-users] RE: Network Behaviour Anomoly Detection

Lawrence Reed Lawrence.Reed at ...1444...
Wed Jul 14 13:36:01 EDT 2004

Bamm Visscher wrote:

>I think barnyard can read the file via dp_stream_stat, but AFAIK,
>there are no output plugins that can do anything with the data (yet). 
>I think Marty meant to imply that you would need to write that
I have a chunk of code to do just that.  It was written some time ago 
for BY 0.1.0.  Spits out the stream stats in a csv format, similar to 
alert_csv output.

If anyone is interested I'll clean it up for BY 0.2.0 and post it.


Larry Reed  Lawrence.Reed at ...1444...
NOAA IT Security Office
PGP Public Key:  http://search.keyserver.net:11371/pks/lookup?op=get&search=0x7A998772

More information about the Snort-users mailing list