[Snort-users] payload logging, barnyard2

beenph beenph at ...11827...
Fri Oct 29 09:54:37 EDT 2010


What do you mean by payload logging?

unified2 output_type: raw unified2 format and text "alert" unified2 format
log_unified2 output_type: supports raw unified2 format
alert_unified2 output_type: supports text "alert" unified2 format

Raw unified2 contains the packet that triggered the alert.


-elz



On Fri, Oct 29, 2010 at 3:51 AM, Pradeep Lamabam <deeplamabam at ...11827...> wrote:
> Hi to all,
> Using Snort's unified2 output plugin with barnyard2.
> Running snort as: snort -u snort -c /etc/snort/snort.conf -i eth0
>
> Want to log payload as well, but don't see any plug-in in barnyard2.conf
>
> Could someone point out what I am missing?
>
> with regards,
> pradeep
>
>
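
Added example, not part of the original thread or of Snort/barnyard2: a minimal reader that walks the records of a raw unified2 log and pulls out the packet bytes stored for each event, which is where the "payload" asked about above lives. It assumes the unified2 layout of an 8-byte big-endian record header (type, length) and packet records of type 2 with seven 32-bit fields before the data; the function names and the sample bytes are constructed for illustration.

```python
import struct

# Record type codes from the unified2 format (subset used here).
UNIFIED2_PACKET = 2
UNIFIED2_IDS_EVENT = 7
REC_HDR = struct.Struct(">II")  # record type, record length (network order)
# sensor_id, event_id, event_second, packet_second, packet_microsecond, linktype, packet_length
PKT_HDR = struct.Struct(">7I")

def iter_records(buf):
    """Yield (type, body) per record; stop cleanly at a truncated tail."""
    off = 0
    while off + REC_HDR.size <= len(buf):
        rtype, rlen = REC_HDR.unpack_from(buf, off)
        off += REC_HDR.size
        if off + rlen > len(buf):
            break  # record still being written, or file cut short
        yield rtype, buf[off:off + rlen]
        off += rlen

def packets_by_event(buf):
    """Map event_id -> list of raw packet bytes logged for that event."""
    out = {}
    for rtype, body in iter_records(buf):
        if rtype != UNIFIED2_PACKET or len(body) < PKT_HDR.size:
            continue
        fields = PKT_HDR.unpack_from(body)
        event_id, pkt_len = fields[1], fields[6]
        data = body[PKT_HDR.size:PKT_HDR.size + pkt_len]
        if len(data) != pkt_len:
            continue  # packet_length disagrees with the record size
        out.setdefault(event_id, []).append(data)
    return out

def make_record(rtype, body):
    """Helper for building the constructed sample below."""
    return REC_HDR.pack(rtype, len(body)) + body

# Constructed sample: opaque event record, one packet record, truncated tail.
FRAME = b"\x00" * 14 + b"GET /index.html"
SAMPLE = (
    make_record(UNIFIED2_IDS_EVENT, struct.pack(">II", 1, 42) + b"\x00" * 44)
    + make_record(UNIFIED2_PACKET, PKT_HDR.pack(1, 42, 1288360477, 1288360477, 0, 1, len(FRAME)) + FRAME)
    + REC_HDR.pack(UNIFIED2_PACKET, 500) + b"\x00" * 10
)

if __name__ == "__main__":
    for eid, pkts in packets_by_event(SAMPLE).items():
        print(eid, [p.hex() for p in pkts])
```

If a log yields event records but no type-2 records, the packet data was never written by the sensor, so no barnyard2 output plugin can recover it.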



