Hi guys,

I've been playing around with the CSV output plugins for both Barnyard and Snort for a data viz app I'm developing.

I've come across a couple of major issues. With Barnyard2 the following happens:

I'm using the configuration: output alert_csv: /var/log/snort/csv.out msg,priority,timestamp,protoname,srcip,sport,dstip,dport,classname,class

However the fields priority, sport, dport, classname and class are empty.

With Snort, fields such as priority, class and classname aren't even present.

I desperately need these values for the application I'm making.

If anyone has any idea how to get around this please let me know.


Sean Cruikshank


I'm developing the application using Python and use the MySQL database with Barnyard2,

so if there is a way of retrieving the necessary data from the MySQL database with Python I could also achieve this.
