[Snort-users] Converting ASCII logs to Unified Format
Esler, Joel CNTR/Sytex
joel.esler at ...9426...
Mon Mar 14 08:25:31 EST 2005
So, I am guessing that you have an alert file you want to convert?
On Mon, 2005-03-14 at 08:19 -0800, Jim O'Leary wrote:
> I should clarify that I was given the Snort log files from an external
> source, not from my own Snort.conf. I need to convert these text files
> into unified so Barnyard can stick them into MySQL.
> -----Original Message-----
> From: Esler, Joel CNTR/Sytex [mailto:joel.esler at ...13173...
> Sent: Monday, March 14, 2005 8:16 AM
> To: Jim O'Leary
> Cc: snort-users at lists.sourceforge.net
> Subject: Re: [Snort-users] Converting ASCII logs to Unified
> Unified format is completely different from the ASCII log. I
> would double check your Snort.conf settings.
> On Sat, 2005-03-12 at 22:03 -0800, Jim O'Leary wrote:
> > I have Snort set up so that it outputs logs and alerts to
> > the binary "unified" format. I also have barnyard set up so
> > that it reads those binary files and sticks them into a
> > MySQL database.
> > The problem is, I've been given a group of Snort output
> > files that are in the ASCII format. How do I convert these
> > files to "unified" so I can get barnyard to stick them into
> > MySQL?
> > Thanks
> Esler, Joel CNTR/Sytex <joel.esler at ...9426...>
Esler, Joel CNTR/Sytex <joel.esler at ...9426...>