[Snort-users] snort.stats key-value mapping

Karolis karolis.cepulis at ...11827...
Tue Mar 31 03:03:44 EDT 2015


Hi,

I am trying to map perfmonitor preprocessors statistics keys to values.

config:
preprocessor perfmonitor: time 300 file
/nsm/sensor_data/"sensor-name"/snort.stats pktcnt 10000

snort manual   <http://manual.snort.org/node88.html>states "There are over
100 individual statistics included. A header line is output at startup and
rollover that labels each column." although only 75 keys are listed.

snort.stats file has 96 keys  and 131 values.

How can I correctly map keys to values?

Karolis
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20150331/7294e8fd/attachment.html>


More information about the Snort-users mailing list