[Snort-users] How to enable XML Logging in Snort 2.3.2

Jitendra Gupta jitendrakrgupta_snort at ...5176...
Thu Apr 7 08:28:16 EDT 2005


Thanks for all your efforts.Let me try further and if
I get hold of any solution I will certainly inform you
and the mailing list.
Jitendra
 --- Joshua Berry <jberry at ...11848...> wrote: 
> I believe that the patches or plugin use to be
> provided with the Snort
> source code, but is not any longer.
> 
> -----Original Message-----
> From: Jitendra Gupta
> [mailto:jitendrakrgupta_snort at ...5176...] 
> Sent: Thursday, April 07, 2005 9:57 AM
> To: Joshua Berry; snort Mailing List
> Subject: RE: [Snort-users] How to enable XML Logging
> in Snort 2.3.2
> 
> 
> I came to know about the XML plugin from 
>      http://www.cert.org/kb/snortxml/
> I have done all steps of it but all in vain and it
> also does not speak of any patches.
> Jitendra
> 
>  --- Joshua Berry <jberry at ...11848...> wrote: 
> > Where did you get the information about the XML
> > output plugin in the
> > first place?  This is where the patch will be.
> > 
> > -----Original Message-----
> > From: Jitendra Gupta
> > [mailto:jitendrakrgupta_snort at ...5176...] 
> > Sent: Thursday, April 07, 2005 9:40 AM
> > To: Joshua Berry; snort Mailing List
> > Subject: RE: [Snort-users] How to enable XML
> Logging
> > in Snort 2.3.2
> > 
> > 
> > Please could you detail me the name of the patch
> and
> > where can I get it.See I am a newbie.Please.
> > Jitendra
> > 
> > 
> >  --- Joshua Berry <jberry at ...11848...> wrote: 
> > > Yes, any extra output plugins require patches. 
> > > Snort does not already
> > > have an XML output plugin, you have to patch the
> > > source.
> > > 
> > > -----Original Message-----
> > > From: Jitendra Gupta
> > > [mailto:jitendrakrgupta_snort at ...5176...] 
> > > Sent: Wednesday, April 06, 2005 2:52 AM
> > > To: Joshua Berry; snort Mailing List
> > > Subject: RE: [Snort-users] How to enable XML
> > Logging
> > > in Snort 2.3.2
> > > 
> > > which patch are you talking about?After
> installing
> > > libair I directly did ./configure
> > --(parameters).If
> > > any patch is to be applied ,Please detail me.
> > > Thanks for your interest,
> > > Jitendra
> > > 
> > >  --- Joshua Berry <jberry at ...11848...> wrote: 
> > > > When you patched Snort, everything applied
> > > cleanly? 
> > > > This must be a
> > > > problem with newer Snort releases, I don't
> think
> > > > that the XML plugin is
> > > > maintained very much anymore.
> > > > 
> > > > -----Original Message-----
> > > > From: Jitendra Gupta
> > > > [mailto:jitendrakrgupta_snort at ...5176...] 
> > > > Sent: Tuesday, April 05, 2005 2:43 AM
> > > > To: Joshua Berry; snort Mailing List
> > > > Subject: RE: [Snort-users] How to enable XML
> > > Logging
> > > > in Snort 2.3.2
> > > > 
> > > > Dear Sir,
> > > >          Thanks a lot again for taking
> interest
> > in
> > > > my
> > > > problem.Here's my output of ./configure --help
> > :-
> > > > 
> > > > snort-2.3.2]# ./configure --help|more
> > > > 
> > > > `configure' configures this package to adapt
> to
> > > many
> > > > kinds of systems.
> > > >                                               
>  
> >  
> > >  
> > > >  
> > > >                                            
> > > > Usage: ./configure [OPTION]... [VAR=VALUE]...
> > > >                                               
>  
> >  
> > >  
> > > >  
> > > >                                            
> > > > To assign environment variables (e.g., CC,
> > > > CFLAGS...),
> > > > specify them as VAR=VALUE.  See below for
> > > > descriptions
> > > > of some of the useful variables.
> > > >                                               
>  
> >  
> > >  
> > > >  
> > > >                                            
> > > > Defaults for the options are specified in
> > > brackets.
> > > >                                               
>  
> >  
> > >  
> > > >  
> > > >                                            
> > > > Configuration:
> > > >   -h, --help              display this help
> and
> > > exit
> > > >       --help=short        display options
> > specific
> > > > to 
> > > >                 this package
> > > >       --help=recursive    display the short
> help
> > > of
> > > > all the included packages
> > > >   -V, --version           display version
> > > > information
> > > > and exit
> > > >   -q, --quiet, --silent   do not print
> > > `checking...'
> > > > messages
> > > >       --cache-file=FILE   cache test results
> in
> > > FILE
> > > > [disabled]
> > > >   -C, --config-cache      alias for
> > > > `--cache-file=config.cache'
> > > >   -n, --no-create         do not create output
> > > files
> > > >       --srcdir=DIR        find the sources in
> > DIR
> > > > [configure dir or `..']
> > > >                                               
>  
> >  
> > >  
> > > >  
> > > >                                            
> > > > Installation directories:
> > > >   --prefix=PREFIX         install
> > > > architecture-independent files in PREFIX
> > > >                           [/usr/local]
> > > >   --exec-prefix=EPREFIX   install
> > > > architecture-dependent files in EPREFIX
> > > >                           [PREFIX]
> > > >                                               
>  
> >  
> > >  
> > > >  
> > > >                                            
> > > > By default, `make install' will install all
> the
> > > > files
> > > > in
> > > > `/usr/local/bin', `/usr/local/lib' etc.  You
> can
> > > > specify
> > > > --More--
> > > > an installation prefix other than `/usr/local'
> > > using
> > > > `--prefix',
> > > > for instance `--prefix=$HOME'.
> > > >  
> > > > For better control, use the options below.
> > > >  
> > > > Fine tuning of the installation directories:
> > > >   --bindir=DIR           user executables
> > > > [EPREFIX/bin]
> > > >   --sbindir=DIR          system admin
> > executables
> > > > [EPREFIX/sbin]
> > > >   --libexecdir=DIR       program executables
> > > > [EPREFIX/libexec]
> > > >   --datadir=DIR          read-only
> > > > architecture-independent data [PREFIX/share]
> > > >   --sysconfdir=DIR       read-only
> 
=== message truncated === 

________________________________________________________________________
Yahoo! India Matrimony: Find your life partner online
Go to: http://yahoo.shaadi.com/india-matrimony




More information about the Snort-users mailing list