[Snort-users] Unified snort logs to text?

beenph beenph at ...11827...
Mon Dec 17 15:43:31 EST 2012

On Mon, Dec 17, 2012 at 3:30 PM, Steve Marotta <smarotta at ...16014...> wrote:
> Is there a way to use Barnyard to simply take the unified logs that Snort
> produces in NIDS mode and turn them into text files? I see that Barnyard
> reads the data into a database; I don't need all of that, just something to
> generate a text file with a list of high-level network events.

In the barnyard2.conf example distributed with the source.

This might be what you're looking for.

# alert_fast
# Purpose: Converts data to an approximation of Snort's "fast alert" mode.
# Arguments: file <file>, stdout
# arguments should be comma delimited.
# file - specify alert file
# stdout - no alert file, just print to screen
# Examples:
# output alert_fast
# output alert_fast: stdout
output alert_fast: stdout
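
Added example, not part of the original post or of Barnyard2: one way to turn the text produced by alert_fast into a short per-signature event list. It assumes the output lines follow the layout of Snort's fast alert mode (the config comment above only promises an approximation), handles IPv4 endpoints only, and uses constructed sample lines; the function names are hypothetical.

```python
import re
from collections import Counter

# Assumed layout, modelled on Snort's "fast alert" lines:
# ts  [**] [gid:sid:rev] msg [**] [Classification: c] [Priority: n] {PROTO} src -> dst
FAST_RE = re.compile(
    r"^(?P<ts>\d\d/\d\d(?:/\d\d)?-\d\d:\d\d:\d\d\.\d+)\s+"
    r"\[\*\*\]\s+\[(?P<gid>\d+):(?P<sid>\d+):(?P<rev>\d+)\]\s+"
    r"(?P<msg>.*?)\s+\[\*\*\]\s+"
    r"(?:\[Classification:\s*(?P<cls>[^\]]*)\]\s+)?"   # optional field
    r"(?:\[Priority:\s*(?P<prio>\d+)\]\s+)?"           # optional field
    r"\{(?P<proto>[^}]+)\}\s+"
    r"(?P<src>\S+)\s+->\s+(?P<dst>\S+)\s*$"
)

# Constructed sample input (documentation addresses, made-up rule names).
SAMPLE = """\
12/17-15:40:02.113456  [**] [1:1000001:1] LOCAL test rule A [**] [Classification: Misc activity] [Priority: 3] {TCP} 192.0.2.10:51515 -> 198.51.100.7:80
12/17-15:40:03.000001  [**] [1:1000001:1] LOCAL test rule A [**] [Classification: Misc activity] [Priority: 3] {TCP} 192.0.2.10:51516 -> 198.51.100.7:80
12/17-15:41:10.500000  [**] [1:1000002:2] LOCAL test rule B [**] [Priority: 2] {ICMP} 192.0.2.44 -> 198.51.100.7
truncated line without the expected fields
"""

def split_endpoint(ep):
    """Split IPv4 'ip:port' into (ip, port); portless endpoints give (ep, None)."""
    host, sep, port = ep.rpartition(":")
    if sep and port.isdigit() and host.count(".") == 3:
        return host, int(port)
    return ep, None

def parse_line(line):
    """Return a dict for one alert line, or None if it does not match."""
    m = FAST_RE.match(line.strip())
    if not m:
        return None
    ev = m.groupdict()
    ev["prio"] = int(ev["prio"]) if ev["prio"] else None
    ev["src_ip"], ev["src_port"] = split_endpoint(ev.pop("src"))
    ev["dst_ip"], ev["dst_port"] = split_endpoint(ev.pop("dst"))
    return ev

def summarize(lines):
    """Count alerts per (signature, msg, src_ip, dst_ip); report unparsed lines."""
    counts, skipped = Counter(), 0
    for ev in (parse_line(l) for l in lines if l.strip()):
        if ev is None:
            skipped += 1   # keep a tally so malformed lines are not silently lost
            continue
        sig = f'{ev["gid"]}:{ev["sid"]}:{ev["rev"]}'
        counts[(sig, ev["msg"], ev["src_ip"], ev["dst_ip"])] += 1
    return counts.most_common(), skipped
```

Calling `summarize(open(path))` on a file written by the `file` argument gives the event list plus the number of lines that did not parse.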
