[Snort-users] How to enable XML Logging in Snort 2.3.2

Jitendra Gupta jitendrakrgupta_snort at ...5176...
Thu Apr 7 07:45:53 EDT 2005


Please could you detail me the name of the patch and
where can I get it. See I am a newbie. Please.
Jitendra


 --- Joshua Berry <jberry at ...11848...> wrote: 
> Yes, any extra output plugins require patches. 
> Snort does not already
> have an XML output plugin, you have to patch the
> source.
> 
> -----Original Message-----
> From: Jitendra Gupta
> [mailto:jitendrakrgupta_snort at ...5176...] 
> Sent: Wednesday, April 06, 2005 2:52 AM
> To: Joshua Berry; snort Mailing List
> Subject: RE: [Snort-users] How to enable XML Logging
> in Snort 2.3.2
> 
> Which patch are you talking about? After installing
> libair I directly did ./configure --(parameters). If
> any patch is to be applied, please detail me.
> Thanks for your interest,
> Jitendra
> 
>  --- Joshua Berry <jberry at ...11848...> wrote: 
> > When you patched Snort, everything applied cleanly?
> > This must be a problem with newer Snort releases, I don't think
> > that the XML plugin is maintained very much anymore.
> > 
> > -----Original Message-----
> > From: Jitendra Gupta
> > [mailto:jitendrakrgupta_snort at ...5176...] 
> > Sent: Tuesday, April 05, 2005 2:43 AM
> > To: Joshua Berry; snort Mailing List
> > Subject: RE: [Snort-users] How to enable XML Logging in Snort 2.3.2
> > 
> > Dear Sir,
> >          Thanks a lot again for taking interest in my
> > problem. Here's my output of ./configure --help :-
> > 
> > snort-2.3.2]# ./configure --help|more
> > 
> > `configure' configures this package to adapt to many kinds of systems.
> > 
> > Usage: ./configure [OPTION]... [VAR=VALUE]...
> > 
> > To assign environment variables (e.g., CC, CFLAGS...),
> > specify them as VAR=VALUE.  See below for descriptions
> > of some of the useful variables.
> > 
> > Defaults for the options are specified in brackets.
> > 
> > Configuration:
> >   -h, --help              display this help and exit
> >       --help=short        display options specific to this package
> >       --help=recursive    display the short help of all the included packages
> >   -V, --version           display version information and exit
> >   -q, --quiet, --silent   do not print `checking...' messages
> >       --cache-file=FILE   cache test results in FILE [disabled]
> >   -C, --config-cache      alias for `--cache-file=config.cache'
> >   -n, --no-create         do not create output files
> >       --srcdir=DIR        find the sources in DIR [configure dir or `..']
> > 
> > Installation directories:
> >   --prefix=PREFIX         install architecture-independent files in PREFIX
> >                           [/usr/local]
> >   --exec-prefix=EPREFIX   install architecture-dependent files in EPREFIX
> >                           [PREFIX]
> > 
> > By default, `make install' will install all the files in
> > `/usr/local/bin', `/usr/local/lib' etc.  You can specify
> > --More--
> > an installation prefix other than `/usr/local' using `--prefix',
> > for instance `--prefix=$HOME'.
> > 
> > For better control, use the options below.
> > 
> > Fine tuning of the installation directories:
> >   --bindir=DIR           user executables [EPREFIX/bin]
> >   --sbindir=DIR          system admin executables [EPREFIX/sbin]
> >   --libexecdir=DIR       program executables [EPREFIX/libexec]
> >   --datadir=DIR          read-only architecture-independent data [PREFIX/share]
> >   --sysconfdir=DIR       read-only single-machine data [PREFIX/etc]
> >   --sharedstatedir=DIR   modifiable architecture-independent data [PREFIX/com]
> >   --localstatedir=DIR    modifiable single-machine data [PREFIX/var]
> >   --libdir=DIR           object code libraries [EPREFIX/lib]
> >   --includedir=DIR       C header files [PREFIX/include]
> >   --oldincludedir=DIR    C header files for non-gcc [/usr/include]
> >   --infodir=DIR          info documentation [PREFIX/info]
> >   --mandir=DIR           man documentation [PREFIX/man]
> > 
> > Program names:
> >   --program-prefix=PREFIX            prepend PREFIX to installed program names
> >   --program-suffix=SUFFIX            append SUFFIX to installed program names
> >   --program-transform-name=PROGRAM   run sed PROGRAM on installed program names
> > 
> > System types:
> >   --build=BUILD     configure for building on BUILD [guessed]
> >   --host=HOST       cross-compile to build programs to run on HOST [BUILD]
> > 
> > --More--
> > Optional Features:
> >   --disable-FEATURE       do not include FEATURE (same as --enable-FEATURE=no)
> >   --enable-FEATURE[=ARG]  include FEATURE [ARG=yes]
> >   --enable-64bit-gcc    Try to compile 64bit (only tested on Sparc Solaris 9).
> >   --disable-dependency-tracking Speeds up one-time builds
> >   --enable-dependency-tracking  Do not reject slow dependency extractors
> >   --enable-debug          enable debugging options (bugreports and developers only)
> >   --enable-profile        enable profiling options (developers only)
> >   --enable-sourcefire      Enable Sourcefire specific build options
> >   --enable-perfmonitor     Enable perfmonitor preprocessor
> >   --enable-linux-smp-stats Enable statistics reporting through proc
> >   --enable-inline         Use the libipq interface for inline snort
> >   --enable-ipfw            Enable ipfw Divert mode for
> 
=== message truncated === 
