[Snort-users] data_log output

Sunil Koul koulsunil1 at ...11827...
Sun Jun 19 08:48:33 EDT 2016


Hello people

I would like to know the correct usage for data_log inspector. When i use
snort -c $my_path/etc/snort/snort.lua \
        --plugin-path $my_path/lib/snort_extra \
        -A alert_ex -r /path/to/my.pcap
as mentioned in doc/usage.txt after including data_log = { key =
'http_raw_uri' } in snort.lua, a data.log gets created in the home
directory but with no output(blank).

How do i explicitly load only the data_log inspector to extract and print
data onto the data.log file?

Thanks
Sunil
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20160619/dbc75a23/attachment.html>


More information about the Snort-users mailing list