[Snort-users] How to enable XML Logging in Snort 2.3.2

Jitendra Gupta jitendrakrgupta_snort at ...5176...
Mon Apr 4 07:23:05 EDT 2005


Thanks a lot Sir for helping me out but sorry to say
that it didn't work.
When I visited      
 http://aircert.sourceforge.net/libairutil/
             and
 http://aircert.sourceforge.net/libih/

They said :-

libairutil has been merged into libair
             and
libih has been merged into libair

and so I installed only libair .Then following your
instructions ,I did the following steps orderly:-

1.      snort-2.3.2]# aclocal-1.7
2.      snort-2.3.2]# autoheader-2.5x
3.      snort-2.3.2]# automake-1.7 --add-missing
4.      snort-2.3.2]# autoconf-2.5x
5.      snort-2.3.2]# ./configure
--with-libair=/usr/local/lib/ --with-mysql
Still ./configure --help  did not have any
 parameter for --with-libair 
6.      snort-2.3.2]# make
7.      snort-2.3.2]# make install
Then after editing snort.conf by adding 
  output xml: log,file=/var/log/snort/output.xml
 above the output database line(I am using MySQL) and
 running the command 
         snort -c snort.conf
 I again got the same error 
 ERROR:unknown output plugin:'xml'Fatal Error,
 Quitting..
Please help,
Jitendra



--- Joshua Berry <jberry at ...11848...> wrote:
> After patching snort, you should probably run:
> aclocal
> autoheader
> automake --add-missing
> autoconf
> 
> Then run ./configure --with-libih --with-libairtutil
> 
> -----Original Message-----
> From: snort-users-admin at lists.sourceforge.net
> [mailto:snort-users-admin at lists.sourceforge.net] On
> Behalf Of Jitendra
> Gupta
> Sent: Saturday, April 02, 2005 4:26 AM
> To: snort-users at lists.sourceforge.net
> Subject: [Snort-users] How to enable XML Logging in
> Snort 2.3.2
> 
> Hello List,
>            I am a newbie to Snort .I have installed
> Snort 2.3.2 on Mandrake 9.2 and want to enable XML
> logging in it.I have gone through                   
>  
> 
> 
>        http://www.cert.org/kb/snortxml/
> 
> but still cannot achieve it.I installed 
> libairutil 0.2.24 and libair 0.4.30.
> Then I rebuilt the snort using 
>  /configure --with-libih --with-libairtutil.
> But when I did ./configure --help I didnot find any
> parameter for --with-libih and
> --with-libairutil.Still
> I continued to do make and make install.Then after
> editing
> snort.conf by adding 
>  output xml: log,file=/var/log/snort/output.xml
> above the output database line(I am using MySQL) and
> running the command 
>         snort -c snort.conf
> I get the error 
> ERROR:unknown output plugin:'xml'Fatal Error,
> Quitting..
> Please Help me out.I am in deep need of the
> solution.If you can suggest any other method ,please
> suggest.
> Thanking You,
> Yours Faithfully,
> Jitendra
> 
> 
>
________________________________________________________________________
> Yahoo! India Matrimony: Find your life partner
> online
> Go to: http://yahoo.shaadi.com/india-matrimony
> 
> 
>
-------------------------------------------------------
> SF email is sponsored by - The IT Product Guide
> Read honest & candid reviews on hundreds of IT
> Products from real users.
> Discover which products truly live up to the hype.
> Start reading now.
>
http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or
> unsubscribe:
>
https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
>
http://www.geocrawler.com/redir-sf.php3?list=snort-users
> 

________________________________________________________________________
Yahoo! India Matrimony: Find your life partner online
Go to: http://yahoo.shaadi.com/india-matrimony




More information about the Snort-users mailing list