[Snort-users] output log format

Janet Norton cjnorton at ...11748...
Wed May 5 10:59:01 EDT 2004


I am trying to use snort to capture a copy of all print job data sent to a network printer.

When I use:
snort -l c:\dir_name host 149.59.152.28 
I like the way there are separate files for packet fragments, but I do not want all the packet detail, just the contents of data.

So I tried:
snort -b -l c:\dir_name host 149.59.152.28
I can extract the printer data more easily from this format, but everything was just appended to snort.log file.

I would like to run snort continuously to capture all printer packets, and like the idea of separate files, so an alternate task can process data as packets are received.  Can you help me determine the correct syntax to format output files for packet data only?  Any suggestions would be appreciated.
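
One way to get payload-only, per-connection files from the binary log, as an added example that is not part of the original post: snort -b writes a tcpdump-format capture, which a separate task can split by TCP flow. The function names are hypothetical, the sample capture (client addresses, port 9100) is constructed, and payload is appended in capture order with no reordering or retransmission handling.

```python
import os
import struct
from collections import defaultdict

def tcp_payloads(pcap):
    """Map (src, sport, dst, dport) -> TCP payload bytes, in capture order."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if endian is None:
        raise ValueError("not a classic pcap (tcpdump-format) file")
    if struct.unpack(endian + "I", pcap[20:24])[0] != 1:
        raise ValueError("only the Ethernet link type is handled")
    flows, off = defaultdict(bytes), 24
    while off + 16 <= len(pcap):
        caplen = struct.unpack(endian + "I", pcap[off + 8:off + 12])[0]
        frame, off = pcap[off + 16:off + 16 + caplen], off + 16 + caplen
        if len(frame) < 54 or frame[12:14] != b"\x08\x00" or frame[23] != 6:
            continue  # keep IPv4/TCP frames only
        ip = frame[14:]
        # IP total length trims Ethernet padding; IHL and data offset skip options
        tcp = ip[(ip[0] & 0x0F) * 4:struct.unpack("!H", ip[2:4])[0]]
        data = tcp[(tcp[12] >> 4) * 4:] if len(tcp) >= 20 else b""
        if data:
            sport, dport = struct.unpack("!HH", tcp[:4])
            flows[(".".join(map(str, ip[12:16])), sport,
                   ".".join(map(str, ip[16:20])), dport)] += data
    return dict(flows)

def write_flows(flows, out_dir):
    """Write one payload-only file per flow; return the file names created."""
    os.makedirs(out_dir, exist_ok=True)
    names = []
    for (src, sport, dst, dport), data in sorted(flows.items()):
        names.append(f"{src}_{sport}-{dst}_{dport}.bin")
        with open(os.path.join(out_dir, names[-1]), "wb") as fh:
            fh.write(data)
    return names

def sample_pcap():
    """Constructed capture: two clients sending to the printer, port 9100 assumed."""
    def frame(src, sport, data):
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(data), 0, 0, 64, 6, 0,
                         bytes(src), bytes([149, 59, 152, 28]))
        tcp = struct.pack("!HHIIBBHHH", sport, 9100, 0, 0, 0x50, 0x18, 8192, 0, 0)
        pkt = b"\0" * 12 + b"\x08\x00" + ip + tcp + data
        return struct.pack("<IIII", 0, 0, len(pkt), len(pkt)) + pkt
    hdr = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    return (hdr + frame([10, 0, 0, 5], 1025, b"job A part 1;")
            + frame([10, 0, 0, 6], 1026, b"job B")
            + frame([10, 0, 0, 5], 1025, b"job A part 2"))
```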

