[Snort-users] Barnyard2 output to postgreSQL

Avery Rozar Avery.Rozar at ...16118...
Fri May 23 21:25:02 EDT 2014


Is something wrong with my IP info from barnyard2? The IP addresses are not showing up as standard IPv4 as I’d thought.

csdashboard=# select * from iphdr ;
 sid | cid |   ip_src   |   ip_dst   | ip_ver | ip_hlen | ip_tos | ip_len | ip_id | ip_flags | ip_off | ip_ttl | ip_proto | ip_csum
-----+-----+------------+------------+--------+---------+--------+--------+-------+----------+--------+--------+----------+---------
   1 |   1 | 2886730039 | 2887777037 |      4 |       5 |      0 |    663 |  4063 |        0 |      0 |     64 |        6 |   54285
   1 |   2 | 2886730039 | 2887777037 |      4 |       5 |      0 |    663 | 28735 |        0 |      0 |     64 |        6 |   29613
   1 |   3 | 1815870597 | 2887777037 |      4 |       5 |      0 |    419 | 51507 |        0 |      0 |     60 |        6 |   25651
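
Added example, not part of the original post: the ip_src and ip_dst values in the output above decode as IPv4 addresses stored as unsigned 32-bit integers, and this Python sketch parses pasted psql output and converts them in both directions. The function names and the small protocol map are choices made for this example; the sample rows are copied from the query output in the post.

```python
import ipaddress

# Rows copied from the iphdr query output in the post above.
PSQL_OUTPUT = """\
 sid | cid |   ip_src   |   ip_dst   | ip_ver | ip_hlen | ip_tos | ip_len | ip_id | ip_flags | ip_off | ip_ttl | ip_proto | ip_csum
-----+-----+------------+------------+--------+---------+--------+--------+-------+----------+--------+--------+----------+---------
   1 |   1 | 2886730039 | 2887777037 |      4 |       5 |      0 |    663 |  4063 |        0 |      0 |     64 |        6 |   54285
   1 |   3 | 1815870597 | 2887777037 |      4 |       5 |      0 |    419 | 51507 |        0 |      0 |     60 |        6 |   25651
"""

PROTO_NAMES = {1: "icmp", 6: "tcp", 17: "udp"}  # IANA protocol numbers


def parse_psql_table(text):
    """Turn psql's aligned output into a list of dicts with int values."""
    lines = [ln for ln in text.splitlines() if ln.strip()]
    header = [col.strip() for col in lines[0].split("|")]
    rows = []
    for ln in lines[1:]:
        if set(ln.strip()) <= set("-+"):   # separator line under the header
            continue
        cells = [c.strip() for c in ln.split("|")]
        if len(cells) != len(header):      # e.g. the "(3 rows)" footer
            continue
        rows.append({k: int(v) for k, v in zip(header, cells)})
    return rows


def int_to_ipv4(value):
    """Decode the 32-bit integer form into dotted-quad notation."""
    if not 0 <= value <= 0xFFFFFFFF:
        raise ValueError(f"not a 32-bit IPv4 value: {value}")
    return str(ipaddress.IPv4Address(value))


def ipv4_to_int(dotted):
    """Encode dotted-quad notation, e.g. for a WHERE ip_src = ... clause."""
    return int(ipaddress.IPv4Address(dotted))


def decode_rows(text):
    """Return (cid, source, destination, protocol name) for each row."""
    return [(r["cid"], int_to_ipv4(r["ip_src"]), int_to_ipv4(r["ip_dst"]),
             PROTO_NAMES.get(r["ip_proto"], str(r["ip_proto"])))
            for r in parse_psql_table(text)]


if __name__ == "__main__":
    for cid, src, dst, proto in decode_rows(PSQL_OUTPUT):
        print(f"cid={cid} {src} -> {dst} ({proto})")
```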



