rob.ward at ...11329...
Wed Oct 20 08:38:59 EDT 2004
Thanks Stephane, the file is only around 25 MB though!?
--On 20 October 2004 17:07 +0200 stephane nasdrovisky
<stephane.nasdrovisky at ...12261...> wrote:
> Rob Ward wrote:
>> Perl 5.6
>> snort_stat.pl 126.96.36.199
>> When I run the 'alert' file produced by Snort through snort_stat.pl it
>> doesn't produce any data yet the file is full of alerts. I've seen
>> others with similar problems in the archives. Has anyone resolved this?
>> The strange thing is I also use grep to produce a file of DOS and DDOS
>> alerts from the 'alert' file and when I run this through snort_stat.pl
>> this produces output?
> Is your alert file larger than 2gb ? It may be related to some
> restriction on the file size (2 or 4 gb, I can't remember). If grep is
> producing a file smaller than 2gb, game is over. You may upgrade your
> perl to an uptodate one 5.8? It seems perl 5.6.1 is largefile (>2 or 4
> gb) ready. Google for "perl largefile" for more info.
Network Northwest Support
University of Liverpool
Computing Services Department
Tel: 0151 794 4449
Fax: 0151 794 4442
Mob: 07970 247 326
More information about the Snort-users