[Snort-users] preprocessor perfmonitor fields

Lee Clemens snort at ...13080...
Thu Mar 17 00:45:43 EST 2005


I'm outputting perfmonitor to a file and I can't see any documentation as to
what fields are what. Since it is to a file, the manual just says that not
all fields are recorded (from the bulleted list above). 

As per development, maybe the first field could simply be comma delimited
field names, depending on the options set in snort.conf? I wouldn't mind
sorting through a few of these if it outputted did this every time the
service starts...but for now, is there a way I can tell what the values
represent?

btw, I'm using windows and Snort running as-is (no ACID, BASE, etc), so I'm
not sure what console output would do...






More information about the Snort-users mailing list