[Snort-users] Converting ASCII logs to Unified Format
j_oleary_langara at ...4554...
Mon Mar 14 08:20:15 EST 2005

I should clarify that I was given the Snort log files from an external
source, not from my own Snort.conf. I need to convert these text files into
unified so Barnyard can stick them into MySQL.

From: Esler, Joel CNTR/Sytex [mailto:joel.esler at ...9426...]
Sent: Monday, March 14, 2005 8:16 AM
To: Jim O'Leary
Cc: snort-users at lists.sourceforge.net
Subject: Re: [Snort-users] Converting ASCII logs to Unified Format

Unified format is completely different from the ASCII log. I would double
check your Snort.conf settings.

On Sat, 2005-03-12 at 22:03 -0800, Jim O'Leary wrote:
I have Snort set up so that it outputs logs and alerts to the binary
"unified" format. I also have barnyard set up so that it reads those binary
files and sticks them into a MySQL database.

The problem is, I've been given a group of Snort output files that are in
the ASCII format. How do I convert these files to "unified" so I can get
barnyard to stick them into MySQL?

Esler, Joel CNTR/Sytex <joel.esler at ...9426...>