[Snort-users] Best script to pre-load signature metadata into a database

Joel Esler jesler at ...1935...
Thu Oct 7 11:09:07 EDT 2010


On Oct 7, 2010, at 10:19 AM, elof at ...6680... wrote:

> I want to pre-load my Postgres database with all the signature metadata 
> (titles, references, prios, etc) from my rules.
> 
> 
> I fould the script 'rules.pl' in an old FLoP tarball...
> ...but if there is a script that import the Generator signatures (from 
> gen-msg.map) as well, that would be even better.
> 
> 
> What am I looking for?

I have no idea.

If you take barnyard2 (if that outputs to postgres), and point it at your sid-msg.map file when barnyard2 starts up, it will insert all that stuff into the db when you have an alert.

Otherwise, can you clarify what you are trying to do?

J



More information about the Snort-users mailing list