[Snort-users] RE: SnortALog error
mkettler at ...4108...
Mon Apr 25 15:19:02 EDT 2005
Patterson, Mike wrote:
> I have taken my original binary snort log and converted it to a tcpdump text file (thanks to the assistance of a few nice guys in this group) using the following command:
> tcpdump -r snort.log > syslog-like.log
> However, when I try to analyze the file with the SnortALog tool using the following command, I get the error "No correct logs found.":
> cat syslog-like.log | ./snortalog.pl -r -n 30
> Any suggestions? Thanks in advance!!
As I said before, this isn't going to help you:
If it's a tcpdump format packet capture, you read it with tcpdump -r or
snort -r, but this won't help you as the file doesn't contain the alerts
you need; it's just a log of the offending packets.
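
To illustrate the distinction drawn in the reply above, here is an added example (not part of the original message, and not code from Snort or SnortALog) that checks whether a file is a binary pcap capture, tcpdump's text rendering of one, or a text log containing Snort alert lines. The function names and sample data are constructed for illustration, and it assumes that alert lines carry Snort's [gid:sid:rev] tag.

```python
import re
import struct

# First four bytes of a libpcap file -> byte order of the headers that follow
# (microsecond and nanosecond timestamp variants).
PCAP_MAGICS = {
    b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">",
    b"\x4d\x3c\xb2\xa1": "<", b"\xa1\xb2\x3c\x4d": ">",
}
# Assumption: Snort text alerts carry a [gid:sid:rev] tag on the alert line.
ALERT_ID = re.compile(r"\[\d+:\d+:\d+\]")
# tcpdump's default text output starts each packet with HH:MM:SS.fraction.
TCPDUMP_LINE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d+ ")


def count_pcap_packets(data):
    """Walk the per-packet record headers and return how many are complete."""
    endian = PCAP_MAGICS[data[:4]]
    offset, count = 24, 0  # skip the 24-byte global header
    while offset + 16 <= len(data):
        # Record header: ts_sec, ts_frac, incl_len, orig_len (4 bytes each).
        incl_len = struct.unpack_from(endian + "I", data, offset + 8)[0]
        offset += 16 + incl_len
        if offset > len(data):
            break  # final record is truncated
        count += 1
    return count


def classify(data):
    """Return 'pcap', 'alerts', 'tcpdump-text' or 'unknown' for file contents."""
    if data[:4] in PCAP_MAGICS:
        return "pcap"
    lines = [l for l in data.decode("ascii", "replace").splitlines() if l.strip()]
    if any(ALERT_ID.search(l) for l in lines):
        return "alerts"
    if lines and all(TCPDUMP_LINE.match(l) for l in lines):
        return "tcpdump-text"
    return "unknown"


# Constructed sample inputs (not taken from the thread).
_REC = struct.pack("<IIII", 1114456742, 0, 4, 4) + b"\x00" * 4
SAMPLE_PCAP = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1) + _REC * 2
SAMPLE_TCPDUMP = b"15:19:02.123456 IP 192.0.2.10.4321 > 192.0.2.20.80: S 1:1(0) win 5840\n"
SAMPLE_ALERT = (b"04/25-15:19:02.123456  [**] [1:1000001:1] Constructed test rule [**] "
                b"[Priority: 2] {TCP} 192.0.2.10:4321 -> 192.0.2.20:80\n")

if __name__ == "__main__":
    for name in ("SAMPLE_PCAP", "SAMPLE_TCPDUMP", "SAMPLE_ALERT"):
        print(name, "->", classify(globals()[name]))
```

A result of "pcap" or "tcpdump-text" means the file holds only packets, so there is no alert text in it for a log analyzer to find.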