[Snort-users] Extracting ip address
wkitty42 at ...14940...
Wed Apr 17 12:56:18 EDT 2013
On 4/17/2013 05:22, Lloyd wrote:
> open the log file in wireshark, you can see the ip address.
if the files in question are snort.log.xxxxxxxxxxxxxx type, then this would work
since they are actually pcap files and not ascii text files as most log files are ;)
i don't find the original post here so i can go back to it but i have to wonder
exactly what log files the OP is speaking of... there's also the default alert
file which is plain ascii text and human readable as well as esaily parsed with
perl and other text manipulating tools :)
> On Wed, Apr 17, 2013 at 12:02 PM, Prathibha P G <prathibhapg at ...11827...
> <mailto:prathibhapg at ...11827...>> wrote:
> How to extract source ip address and estination ip address from snort log
> files.kindly help me
NOTE: No off-list assistance is given without prior approval.
Please keep mailing list traffic on the list unless
private contact is specifically requested and granted.
More information about the Snort-users