[Snort-users] Barnyard2 configuration and event generation
wkitty42 at ...14940...
Wed Dec 19 13:16:03 EST 2012
sometimes less is more... why go through all the twists and turns when it seems
that all you want is to list what is in the alert file? the alert file is a
plain ASCII text file that is easily parsed with perl (or most any other text
parsing language or tools)... you can then output whatever you want from
there... this is basically what the Guardian Active Response system does...
however, its main goal is to manage blocked IPs by adding and removing them from
the firewall's iptables and to do it all automatically...
if you need some details on parsing the alert file, just ask... it really is
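An added example, not part of the original post and not Guardian's code: a minimal parser for the plain-text alert file the message describes, summarising alerts per source IP. It assumes the one-line "fast" alert layout (Snort's `alert_fast` output) and IPv4 addresses; the sample lines and the function names are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample lines in the assumed "fast" layout (documentation-range IPs).
SAMPLE_ALERTS = """\
12/19-13:16:03.482113  [**] [1:1000001:1] Constructed sample rule A [**] [Classification: Attempted Information Leak] [Priority: 2] {TCP} 192.0.2.10:44321 -> 198.51.100.5:80
12/19-13:16:04.000251  [**] [1:1000002:3] Constructed sample rule B [**] [Priority: 3] {ICMP} 192.0.2.10 -> 198.51.100.5
12/19-13:17:10.919004  [**] [1:1000001:1] Constructed sample rule A [**] [Classification: Attempted Information Leak] [Priority: 2] {TCP} 203.0.113.77:51000 -> 198.51.100.5:80
this line is not an alert and must be skipped
"""

# timestamp, [gid:sid:rev], message, optional classification, priority, proto, endpoints
FAST_ALERT = re.compile(
    r"^(?P<ts>\d{2}/\d{2}(?:/\d{2})?-\d{2}:\d{2}:\d{2}\.\d+)\s+"
    r"\[\*\*\]\s+\[(?P<gid>\d+):(?P<sid>\d+):(?P<rev>\d+)\]\s+"
    r"(?P<msg>.*?)\s+\[\*\*\]\s+"
    r"(?:\[Classification:\s*(?P<cls>[^\]]*)\]\s+)?"
    r"\[Priority:\s*(?P<prio>\d+)\]\s+"
    r"\{(?P<proto>[^}]+)\}\s+"
    r"(?P<src>\S+)\s+->\s+(?P<dst>\S+)\s*$"
)

def split_endpoint(endpoint):
    """Split 'ip:port' into (ip, port); ICMP alerts carry no port."""
    # Assumption: IPv4 only. An IPv6 address contains colons and needs other handling.
    ip, sep, port = endpoint.rpartition(":")
    return (ip, int(port)) if sep else (endpoint, None)

def parse_alerts(lines):
    """Yield one dict per well-formed alert line, skipping anything else."""
    for line in lines:
        m = FAST_ALERT.match(line.strip())
        if not m:
            continue  # partial writes, blank lines, other log noise
        rec = m.groupdict()
        rec["src_ip"], rec["src_port"] = split_endpoint(rec.pop("src"))
        rec["dst_ip"], rec["dst_port"] = split_endpoint(rec.pop("dst"))
        rec["prio"] = int(rec["prio"])
        yield rec

def alerts_per_source(lines):
    """Count alerts by source IP for a per-source summary."""
    return Counter(rec["src_ip"] for rec in parse_alerts(lines))

if __name__ == "__main__":
    for ip, n in alerts_per_source(SAMPLE_ALERTS.splitlines()).most_common():
        print(f"{ip}\t{n}")
```

The multi-line "full" alert format needs a different, record-oriented parser; this regular expression only matches the single-line layout.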