[Snort-users] csv input of honeysuckle
Maetzky, Steffen (Extern)
Steffen.Maetzky at ...11508...
Tue Jul 20 03:21:05 EDT 2004
After a good night, I know the solution of my problem from yesterday:
I can't use an empty log.csv, because it is the input
(and not the output what I have thought even it is described as input -
perhaps to much coffee and too few breaks???)
But now I have problems with generating the log.csv.
Brian Caswell wrote that he use the following csv-format: srcip, dstip,
This fields doesn't seem to be supported by snorts csv output.
I know that barnyard-0.2.0 is able to make csv outputs but it has no event
Should I use event_id or event_reference instead of event?
Does anyone know if the script works after adding other fields?
Which output uses honeysuckle (sreen or file? Which file?)
(sorry, but I'm not a perl programmer)
Thanks in advance,
More information about the Snort-users