[Snort-users] CSV output plugins for barnyard2 and snort

Sean Cruikshank sean.cruikshank at ...15979...
Mon Jan 16 07:29:39 EST 2017


Hi guys,


I've been playing around with the csv output plugins for both barnyard and snort for a data viz app I'm developing.


I've come across a couple of major issues. With Barnyard2 the following happens,


I'm using the configuration: output alert_csv: /var/log/snort/csv.out msg,priority,timestamp,protoname,srcip,sport,dstip,dport,classname,class

However the fields priority, sport, dport, classname and class are empty.


With Snort, fields such as priority, class and classname aren't even present.


I desperately need these values for the application I'm making.


If anyone has any idea how to get around this please let me know.


Cheers,


Sean Cruikshank


P.S.


I'm developing the application using Python and use the mysql database with barnyard2, so if there is a way of retrieving the necessary data from the mysql database with Python I could also achieve this.