[Snort-users] How to enable XML Logging in Snort 2.3.2

Jitendra Gupta jitendrakrgupta_snort at ...5176...
Thu Apr 7 08:07:57 EDT 2005


I came to know about the XML plugin from 
     http://www.cert.org/kb/snortxml/
I have done all steps of it but all in vain and it
also does not speak of any patches.
Jitendra

 --- Joshua Berry <jberry at ...11848...> wrote: 
> Where did you get the information about the XML
> output plugin in the
> first place?  This is where the patch will be.
> 
> -----Original Message-----
> From: Jitendra Gupta
> [mailto:jitendrakrgupta_snort at ...5176...] 
> Sent: Thursday, April 07, 2005 9:40 AM
> To: Joshua Berry; snort Mailing List
> Subject: RE: [Snort-users] How to enable XML Logging
> in Snort 2.3.2
> 
> 
> Please could you detail me the name of the patch and
> where can I get it.See I am a newbie.Please.
> Jitendra
> 
> 
>  --- Joshua Berry <jberry at ...11848...> wrote: 
> > Yes, any extra output plugins require patches. 
> > Snort does not already
> > have an XML output plugin, you have to patch the
> > source.
> > 
> > -----Original Message-----
> > From: Jitendra Gupta
> > [mailto:jitendrakrgupta_snort at ...5176...] 
> > Sent: Wednesday, April 06, 2005 2:52 AM
> > To: Joshua Berry; snort Mailing List
> > Subject: RE: [Snort-users] How to enable XML
> Logging
> > in Snort 2.3.2
> > 
> > which patch are you talking about?After installing
> > libair I directly did ./configure
> --(parameters).If
> > any patch is to be applied ,Please detail me.
> > Thanks for your interest,
> > Jitendra
> > 
> >  --- Joshua Berry <jberry at ...11848...> wrote: 
> > > When you patched Snort, everything applied
> > cleanly? 
> > > This must be a
> > > problem with newer Snort releases, I don't think
> > > that the XML plugin is
> > > maintained very much anymore.
> > > 
> > > -----Original Message-----
> > > From: Jitendra Gupta
> > > [mailto:jitendrakrgupta_snort at ...5176...] 
> > > Sent: Tuesday, April 05, 2005 2:43 AM
> > > To: Joshua Berry; snort Mailing List
> > > Subject: RE: [Snort-users] How to enable XML
> > Logging
> > > in Snort 2.3.2
> > > 
> > > Dear Sir,
> > >          Thanks a lot again for taking interest
> in
> > > my
> > > problem.Here's my output of ./configure --help
> :-
> > > 
> > > snort-2.3.2]# ./configure --help|more
> > > 
> > > `configure' configures this package to adapt to
> > many
> > > kinds of systems.
> > >                                                 
>  
> >  
> > >  
> > >                                            
> > > Usage: ./configure [OPTION]... [VAR=VALUE]...
> > >                                                 
>  
> >  
> > >  
> > >                                            
> > > To assign environment variables (e.g., CC,
> > > CFLAGS...),
> > > specify them as VAR=VALUE.  See below for
> > > descriptions
> > > of some of the useful variables.
> > >                                                 
>  
> >  
> > >  
> > >                                            
> > > Defaults for the options are specified in
> > brackets.
> > >                                                 
>  
> >  
> > >  
> > >                                            
> > > Configuration:
> > >   -h, --help              display this help and
> > exit
> > >       --help=short        display options
> specific
> > > to 
> > >                 this package
> > >       --help=recursive    display the short help
> > of
> > > all the included packages
> > >   -V, --version           display version
> > > information
> > > and exit
> > >   -q, --quiet, --silent   do not print
> > `checking...'
> > > messages
> > >       --cache-file=FILE   cache test results in
> > FILE
> > > [disabled]
> > >   -C, --config-cache      alias for
> > > `--cache-file=config.cache'
> > >   -n, --no-create         do not create output
> > files
> > >       --srcdir=DIR        find the sources in
> DIR
> > > [configure dir or `..']
> > >                                                 
>  
> >  
> > >  
> > >                                            
> > > Installation directories:
> > >   --prefix=PREFIX         install
> > > architecture-independent files in PREFIX
> > >                           [/usr/local]
> > >   --exec-prefix=EPREFIX   install
> > > architecture-dependent files in EPREFIX
> > >                           [PREFIX]
> > >                                                 
>  
> >  
> > >  
> > >                                            
> > > By default, `make install' will install all the
> > > files
> > > in
> > > `/usr/local/bin', `/usr/local/lib' etc.  You can
> > > specify
> > > --More--
> > > an installation prefix other than `/usr/local'
> > using
> > > `--prefix',
> > > for instance `--prefix=$HOME'.
> > >  
> > > For better control, use the options below.
> > >  
> > > Fine tuning of the installation directories:
> > >   --bindir=DIR           user executables
> > > [EPREFIX/bin]
> > >   --sbindir=DIR          system admin
> executables
> > > [EPREFIX/sbin]
> > >   --libexecdir=DIR       program executables
> > > [EPREFIX/libexec]
> > >   --datadir=DIR          read-only
> > > architecture-independent data [PREFIX/share]
> > >   --sysconfdir=DIR       read-only
> single-machine
> > > data
> > > [PREFIX/etc]
> > >   --sharedstatedir=DIR   modifiable
> > > architecture-independent data [PREFIX/com]
> > >   --localstatedir=DIR    modifiable
> single-machine
> > > data [PREFIX/var]
> > >   --libdir=DIR           object code libraries
> > > [EPREFIX/lib]
> > >   --includedir=DIR       C header files
> > > [PREFIX/include]
> > >   --oldincludedir=DIR    C header files for
> > non-gcc
> > > [/usr/include]
> > >   --infodir=DIR          info documentation
> > > [PREFIX/info]
> > >   --mandir=DIR           man documentation
> > > [PREFIX/man]
> > >  
> > > Program names:
> > >   --program-prefix=PREFIX            prepend
> > PREFIX
> > > to
> > > installed program names
> > >   --program-suffix=SUFFIX            append
> SUFFIX
> > > to
> > > installed program names
> > >   --program-transform-name=PROGRAM   run sed
> > PROGRAM
> > > on installed program names
> > >  
> > > System types:
> > >   --build=BUILD     configure for building on
> > BUILD
> > > [guessed]
> 
=== message truncated === 

________________________________________________________________________
Yahoo! India Matrimony: Find your life partner online
Go to: http://yahoo.shaadi.com/india-matrimony




More information about the Snort-users mailing list