[Snort-users] snort -T output

hallian hallian hallian at ...125...
Mon Oct 25 07:10:00 EDT 2004


thanks Alex.................

thats what I was looking for.......... appreciate your help......

hallian

>From: "Alex Butcher, ISC/ISYS" <Alex.Butcher at ...11254...>
>To: hallian hallian <hallian at ...125...>, 
>snort-users at lists.sourceforge.net
>Subject: Re: [Snort-users] snort -T output
>Date: Mon, 25 Oct 2004 15:06:25 +0100
>
>
>
>--On 25 October 2004 07:25 -0600 hallian hallian <hallian at ...125...> 
>wrote:
>
>>When I update my rules I run snort -T to verify all my rules are GOOD.
>>But there is no way for me to automate this process so that I can read
>>the ERROR message to STDOUT to a file.   If the   snort -T does return
>>ERROR then I want to reverse back to old rules.
>>
>>HOw can I feedin the output from snort -T or snort -c
>>/etc/snort/snort.conf -v to STD OUTPUT to a file.
>
>What do you need to do with the output from Snort, that can't be done by 
>checking the return code:
>
>snort >snort.out 2>&1 -T -c /etc/snort/snort.conf
>if [ $? -eq 0 ]; then
>        echo "rules OK"
>        ...
>else
>        echo "rules broken"
>        cat <snort.out
>        ...
>fi
>
>>Any ideas....
>>thanks
>>hallian
>
>Best Regards,
>Alex.
>--
>Alex Butcher: Security & Integrity, Personal Computer Systems Group
>Information Systems and Computing             GPG Key ID: F9B27DC9
>GPG Fingerprint: D62A DD83 A0B8 D174 49C4 2849 832D 6C72 F9B2 7DC9
>
>






More information about the Snort-users mailing list