[Snort-users] Re: Help with alert_unixsock issues
james at ...13655...
Thu Dec 1 08:35:08 EST 2005
Simon Biles kindly provided the below code where he has specified a
template for unpacking part of the alert format of the alerts sent to
the alert_unixsock output plug-in.
> $TEMPLATE = "A256 A*";
Does anyone know if the format of these alerts is documented somewhere?
I am having a lot of trouble unpacking the remainder of the data in the
James Turnbull <james at ...13655...>
Author of Hardening Linux from Apress
PGP Key (http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x0C42DF40)