Re: [logs] Tcpdump log analysis

From: Marcus J. Ranum (mjrat_private)
Date: Thu Feb 20 2003 - 08:05:35 PST


Yann Berthier wrote:
>> I collected many binary logs with tcpdump. I would like to study them
>> and to do so, I planned to export these files into a mysql database.

Check out Ethereal and EtherApe.

I have been looking at Ethereal's packet coloring rules stuff and
thinking you could _almost_ build a decent IDS out of a good set
of filtering and colorizing rules. ;)

mjr.
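As an added illustration of the thread's starting point (not code from the post, from Ethereal or from any poster): tcpdump's binary logs use the classic pcap layout, a 24-byte global header followed by a 16-byte header per record, which is simple enough to parse and load into a database directly. This Python example parses a constructed three-packet capture, loads it into SQLite (an assumed stand-in for the MySQL database Yann mentions), and then expresses one "filtering rule" of the kind mjr alludes to as a query.

```python
import sqlite3
import struct

# Constructed sample capture, built inline so the example runs offline: three
# IPv4/TCP SYNs (no payload) in a little-endian pcap with link type 1 (Ethernet).
def _packet(src, dst, sport, dport):
    eth = b"\x00" * 12 + b"\x08\x00"                              # MACs + EtherType IPv4
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0,
                     bytes(map(int, src.split("."))), bytes(map(int, dst.split("."))))
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 0x50, 0x02, 8192, 0, 0)
    return eth + ip + tcp
def _record(ts_sec, ts_usec, data):                               # 16-byte record header
    return struct.pack("<IIII", ts_sec, ts_usec, len(data), len(data)) + data
SAMPLE_PCAP = (struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)   # global header
               + _record(1045756800, 0, _packet("10.0.0.5", "10.0.0.1", 40000, 22))
               + _record(1045756801, 500, _packet("10.0.0.5", "10.0.0.1", 40001, 22))
               + _record(1045756802, 0, _packet("10.0.0.9", "10.0.0.1", 40002, 80)))

def parse_pcap(buf):
    """Yield (ts, proto, src, dst, sport, dport) for each IPv4 record; others are skipped."""
    magic, = struct.unpack_from("<I", buf, 0)
    end = {0xA1B2C3D4: "<", 0xD4C3B2A1: ">"}.get(magic)          # byte order of the writer
    if end is None:
        raise ValueError("not a classic pcap file: magic %#x" % magic)
    off = 24                                                      # skip the global header
    while off + 16 <= len(buf):
        ts_sec, ts_usec, incl_len, _orig_len = struct.unpack_from(end + "IIII", buf, off)
        data = buf[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        if len(data) < 34 or data[12:14] != b"\x08\x00":          # need Ethernet + IPv4
            continue
        ihl, proto = (data[14] & 0x0F) * 4, data[23]
        src, dst = ".".join(map(str, data[26:30])), ".".join(map(str, data[30:34]))
        sport = dport = None
        if proto in (6, 17) and len(data) >= 14 + ihl + 4:        # TCP/UDP port pair
            sport, dport = struct.unpack_from("!HH", data, 14 + ihl)
        yield (ts_sec + ts_usec / 1e6, proto, src, dst, sport, dport)

def load_pcap(buf, db_path=":memory:"):        # SQLite stands in for the poster's MySQL
    conn = sqlite3.connect(db_path)
    conn.execute("CREATE TABLE IF NOT EXISTS packets "
                 "(ts REAL, proto INTEGER, src TEXT, dst TEXT, sport INTEGER, dport INTEGER)")
    conn.executemany("INSERT INTO packets VALUES (?,?,?,?,?,?)", parse_pcap(buf))
    conn.commit()
    return conn

def sources_hitting_port(conn, port):
    """One 'filtering rule' as a query: sources sending TCP to a port, busiest first."""
    return conn.execute("SELECT src, COUNT(*) FROM packets WHERE proto = 6 AND dport = ? "
                        "GROUP BY src ORDER BY 2 DESC, src", (port,)).fetchall()
```

Pointing `load_pcap` at a real tcpdump file (`load_pcap(open(path, "rb").read(), "packets.db")`) gives a table that ordinary SQL can slice the same way Ethereal's display filters do.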
    