[Snort-users] Re: Help with alert_unixsock issues

James Turnbull james at ...13655...
Thu Dec 1 08:35:08 EST 2005


Simon Biles kindly provided the below code where he has specified a 
template for unpacking part of the alert format of the alerts sent to 
the alert_unixsock output plug-in.

> $TEMPLATE = "A256 A*";

Does anyone know if the format of these alerts is documented somewhere?  
I am having a lot of trouble unpacking the remainder of the data in the 


James Turnbull

James Turnbull <james at ...13655...>
Author of Hardening Linux from Apress
PGP Key (http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x0C42DF40)
