RE: [logs] Tcpdump log analysis

From: Holstein, Michael (mholsteinat_private)
Date: Thu Feb 20 2003 - 10:47:42 PST

    Configure the MySQL output plugin in Snort, write a rule to log what you're looking for, then replay your tcpdump traffic through snort with the -r switch.
    
    MH>
    
    -----Original Message-----
    From: Fabien Pouget [mailto:Fabien.Pougetat_private]
    Sent: Thursday, February 20, 2003 2:01 AM
    To: loganalysisat_private
    Cc: fabien.pougetat_private
    Subject: [logs] Tcpdump log analysis
    
    Hi all,
    
    I collected many binary logs with tcpdump. I would like to study them
    and, to do so, I planned to export these files into a MySQL database.
    What I am doing now is simply collecting a few data through Perl scripts
    and analyzing them. But no database...
    Do any tools exist to help me fulfil this task? Or is there any trick I
    missed?
    
    
    Any help would be very much appreciated.
    
    Thanks a lot
    
    
    Fabien
    
    _______________________________________________
    LogAnalysis mailing list
    LogAnalysisat_private
    http://lists.shmoo.com/mailman/listinfo/loganalysis
    
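An added example, not from either poster: a minimal loader that does what Fabien asks for directly, reading a tcpdump-format (libpcap) file, pulling the IPv4/TCP/UDP header fields out of each packet and inserting them as database rows. It assumes Ethernet captures, uses Python's sqlite3 as a stand-in for MySQL (the schema and queries carry over), and the two-packet capture at the bottom is constructed inline rather than taken from real traffic.

```python
import sqlite3
import struct

def parse_pcap(data):
    """Yield (ts, src, dst, proto, sport, dport, orig_len) per IPv4 packet in a libpcap
    capture ('tcpdump -w' output). Both byte orders handled; non-IPv4 or truncated frames skipped."""
    endian = {b"\xa1\xb2\xc3\xd4": ">", b"\xd4\xc3\xb2\xa1": "<"}.get(data[:4])
    if endian is None:
        raise ValueError("not a libpcap file (bad magic)")
    if struct.unpack(endian + "I", data[20:24])[0] != 1:  # 1 = DLT_EN10MB (Ethernet)
        raise ValueError("only Ethernet captures are handled here")
    off = 24  # end of the 24-byte global header
    while off + 16 <= len(data):
        ts_sec, ts_usec, incl_len, orig_len = struct.unpack(endian + "IIII", data[off:off + 16])
        pkt = data[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        if len(pkt) < 34 or pkt[12:14] != b"\x08\x00":
            continue  # not IPv4, or cut by the snaplen before the IP header ends
        ihl = (pkt[14] & 0x0F) * 4
        proto = pkt[23]
        src = ".".join(str(b) for b in pkt[26:30])
        dst = ".".join(str(b) for b in pkt[30:34])
        sport = dport = None
        l4 = 14 + ihl
        if proto in (6, 17) and len(pkt) >= l4 + 4:  # TCP and UDP ports share a layout
            sport, dport = struct.unpack("!HH", pkt[l4:l4 + 4])
        yield (ts_sec + ts_usec / 1e6, src, dst, proto, sport, dport, orig_len)

def load_into_db(data, db_path=":memory:"):
    """Load one row per packet into a 'packets' table and return the connection.
    sqlite3 stands in for MySQL here; the schema and queries carry over unchanged."""
    conn = sqlite3.connect(db_path)
    conn.execute("CREATE TABLE IF NOT EXISTS packets (ts REAL, src TEXT, dst TEXT, "
                 "proto INTEGER, sport INTEGER, dport INTEGER, len INTEGER)")
    conn.executemany("INSERT INTO packets VALUES (?, ?, ?, ?, ?, ?, ?)", parse_pcap(data))
    conn.commit()
    return conn

def sources_to_port(conn, dport):
    """The kind of question the database is for: which sources talked to a given port."""
    return [r[0] for r in conn.execute(
        "SELECT DISTINCT src FROM packets WHERE dport = ? ORDER BY src", (dport,))]
def _frame(proto, src, dst, l4):  # Ethernet + IPv4 header + transport bytes, for the sample
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0, bytes(src), bytes(dst))
    return b"\x00" * 12 + b"\x08\x00" + ip + l4
# Constructed two-packet little-endian capture (not real traffic): TCP to port 22, UDP to port 53.
SAMPLE_PCAP = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
for ts, f in ((1045734000, _frame(6, [10, 0, 0, 1], [192, 168, 1, 5], struct.pack("!HH", 40123, 22) + b"\x00" * 16)),
              (1045734001, _frame(17, [10, 0, 0, 2], [192, 168, 1, 5], struct.pack("!HH", 5353, 53) + b"\x00" * 4))):
    SAMPLE_PCAP += struct.pack("<IIII", ts, 0, len(f), len(f)) + f
```

Point load_into_db at a real capture's bytes (open(path, "rb").read()) and a file path instead of ":memory:" to keep the table; swapping sqlite3 for a MySQL client changes only the connect call and the parameter placeholder style.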



    This archive was generated by hypermail 2b30 : Thu Feb 20 2003 - 13:43:41 PST