[logs] parsing snort files

• Previous message: Ian McNish: "[logs] logsurfer inclusion"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,
 
I tried to parse snort dump file and alert file with fwlogwatch 0.9.4,
but it failed to recognized the tcpdump file and the alert from snort.
How can I configure fwlogwatch properly for snort file parsing?
 
Here is the output from commandline I used:
 
[root@nids fwlogwatch-0.9.3]# fwlogwatch -v -v -w -o report.html -l 1d
-m 2 -t -e -z -n -N -p -s -d -y /var/log/snort/alert  
Opening input file '/var/log/snort/alert'
Processing
________________________________________________________________________
________________________________________________________________________
________________________________________________________________________
________________________________________________________________________
__________________________________________
 
 
Thanks
Sam
 




_______________________________________________
LogAnalysis mailing list
LogAnalysis@private
http://lists.shmoo.com/mailman/listinfo/loganalysis

• Next message: samwun: "[logs] RE: parsing snort files"
• Previous message: Ian McNish: "[logs] logsurfer inclusion"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sun Dec 28 2003 - 19:02:50 PST