Configure the MySQL output plugin in Snort, write a rule to log what you're looking for, then replay your tcpdump traffic through Snort with the -r switch.

MH

-----Original Message-----
From: Fabien Pouget [mailto:Fabien.Pougetat_private]
Sent: Thursday, February 20, 2003 2:01 AM
To: loganalysisat_private
Cc: fabien.pougetat_private
Subject: [logs] Tcpdump log analysis

Hi all,

I collected many binary logs with tcpdump. I would like to study them, and to do so I planned to export these files into a MySQL database. What I am doing now is simply to collect a little data through Perl scripts and analyze it. But no database...

Are there any tools to help me fulfil this task? Or any trick I missed?

Any help would be much appreciated.

Thanks a lot,
Fabien

_______________________________________________
LogAnalysis mailing list
LogAnalysisat_private
http://lists.shmoo.com/mailman/listinfo/loganalysis
This archive was generated by hypermail 2b30 : Thu Feb 20 2003 - 13:43:41 PST
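
Added example, not part of the thread and not the Snort method MH describes: a direct loader that parses a classic pcap file (the format `tcpdump -w` writes) and inserts one row per IPv4 packet into a SQL table. It uses Python's `sqlite3` as a stand-in for MySQL; the table layout, the function names and the sample capture are constructed for illustration.

```python
import sqlite3
import struct

def build_sample_pcap():
    """Constructed capture: one Ethernet/IPv4/TCP SYN, 10.0.0.1:1234 -> 10.0.0.2:80."""
    eth = b"\x00" * 12 + b"\x08\x00"
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0,
                     bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2]))
    tcp = struct.pack("!HHIIBBHHH", 1234, 80, 0, 0, 0x50, 0x02, 8192, 0, 0)
    frame = eth + ip + tcp
    ghdr = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    rec = struct.pack("<IIII", 1045735260, 0, len(frame), len(frame))
    return ghdr + rec + frame

def parse_pcap(data):
    """Yield (ts, src, dst, proto, sport, dport) per IPv4-over-Ethernet packet."""
    end = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(data[:4])
    if end is None or len(data) < 24:
        raise ValueError("not a classic pcap file")
    if struct.unpack(end + "I", data[20:24])[0] != 1:
        raise ValueError("only Ethernet link type (1) is handled")
    off = 24
    while off + 16 <= len(data):
        ts, _usec, caplen, _wirelen = struct.unpack(end + "IIII", data[off:off + 16])
        pkt = data[off + 16:off + 16 + caplen]
        off += 16 + caplen
        if len(pkt) < 34 or pkt[12:14] != b"\x08\x00":
            continue  # truncated by snaplen, or not IPv4
        ihl = (pkt[14] & 0x0F) * 4
        proto = pkt[23]
        frag_off = struct.unpack("!H", pkt[20:22])[0] & 0x1FFF
        src, dst = (".".join(map(str, pkt[i:i + 4])) for i in (26, 30))
        sport = dport = None
        l4 = 14 + ihl
        # Ports exist only for TCP/UDP and only in the first fragment
        if proto in (6, 17) and frag_off == 0 and len(pkt) >= l4 + 4:
            sport, dport = struct.unpack("!HH", pkt[l4:l4 + 4])
        yield ts, src, dst, proto, sport, dport

def load(data, db):
    db.execute("CREATE TABLE IF NOT EXISTS packets (ts INTEGER, src TEXT, "
               "dst TEXT, proto INTEGER, sport INTEGER, dport INTEGER)")
    # Parameterized insert: captured packet fields are untrusted input
    db.executemany("INSERT INTO packets VALUES (?,?,?,?,?,?)", parse_pcap(data))
    db.commit()
    return db.execute("SELECT * FROM packets").fetchall()

def demo():
    return load(build_sample_pcap(), sqlite3.connect(":memory:"))
```
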