Re: [logs] Tcpdump log analysis

From: Russell Fulton (r.fultonat_private)
Date: Thu Feb 20 2003 - 13:34:30 PST


    On Thu, 2003-02-20 at 20:00, Fabien Pouget wrote:
    > Hi all,
    > I collected many binary logs with tcpdump. I would like to study them
    > and to do so, I planned to export these files into a mysql database. 
    > What I am doing now is simply to collect a few data through perl scripts
    > and analyze them. But no database...
    > Do any tools exist to help me fulfil this task? Or any trick I
    > missed?

    As others have pointed out, it depends very much on what you want to do.
    Snort will read tcpdump files and can log packets to a
    database.  It will also collect the traces for you (i.e. you can use it
    in place of tcpdump).

    Russell Fulton, Computer and Network Security Officer
    The University of Auckland,  New Zealand
    "It aint necessarily so"  - Gershwin

    This archive was generated by hypermail 2b30 : Thu Feb 20 2003 - 13:58:17 PST