[Snort-users] Snort documentation

sekure sekure at ...11827...
Thu Sep 2 12:43:30 EDT 2004


There is actually a small util included in the contrib directory
called perfstats.c that when compiled and fed the snort.stats file,
interprets it all for you, line by line.  But here is the format,
pulled out of perf-base.c:

 *   Log Base Per Stats to File for Use by the MC
 *
 * unixtime(in secs since epoch)
 * %pkts dropped
 * mbits/sec
 * alerts/sec
 * K-Packets/Sec
 * Avg Bytes/Pkt
 * %bytes pattern matched
 * syns/sec
 * synacks/sec
 * new-sessions/sec
 * del-sessions/sec
 * total-sessions open
 * max-sessions
 * streamflushes/sec
 * streamfaults/sec
 * streamtimeouts
 * fragcompletes/sec
 * fraginserts/sec
 * fragdeletes/sec
 * fragflushes/sec
 * fragtimeouts
 * fragfaults
 * %user-cpu usage
 * %sys-cpu usage
 * %idle-cpu usage
 */


On Thu, 2 Sep 2004 14:48:18 -0400, Esler, Joel - Contractor
<joel.esler at ...9426...> wrote:
> Has anyone noticed the documentation for snort.stats dissappearing from
> the documentation?  I often referred to it to interperet the fields from
> snort.stats.  Does anyone have a parser for this kind of thing?  I am
> not a perl coder, but I could imagine that comma seperated values
> wouldn't be to hard to make into a webpage or something.
> 
> J
> 
> -------------------------------------------------------
> This SF.Net email is sponsored by BEA Weblogic Workshop
> FREE Java Enterprise J2EE developer tools!
> Get your free copy of BEA WebLogic Workshop 8.1 today.
> http://ads.osdn.com/?ad_idP47&alloc_id808&op=click
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>




More information about the Snort-users mailing list