Snort mailing list archives
IDMEF plugin for snort 2.6?
From: Jochen Kaiser <Jochen.Kaiser () rrze uni-erlangen de>
Date: Sun, 22 Jul 2007 15:36:57 +0200
Hi,

I need IDMEF output from snort for a research project. Since the IDMEF plugin is a diff against 2.4.4, my question: is there another plugin or method available from anyone? Maybe there is an IDMEF proxy which gets a stream of events and generates IDMEF messages? I would like a direct IDMEF output from snort. At the moment I query the ACID-SQL-database for certain events and generate an IDMEF message.

Any ideas, hints?

regards, JK
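The database-to-IDMEF conversion described in the message above can be sketched as follows. This is an added example, not part of the original post and not code from the poster or the Snort project. The row keys (`sid`, `cid`, `sig_id`, `sig_name`, `ip_src`, `ip_dst`, `sport`, `dport`), the analyzer id and the sample values are assumptions made for illustration; the element layout follows the IDMEF Alert class of RFC 4765.

```python
import ipaddress
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

IDMEF_NS = "http://iana.org/idmef"  # XML namespace from RFC 4765
NTP_OFFSET = 2208988800             # seconds from 1900-01-01 to 1970-01-01

def ntpstamp(dt):
    """RFC 4765 NTPSTAMP: 0x<seconds since 1900>.0x<fraction>; dt must be tz-aware."""
    frac = dt.microsecond * 2**32 // 10**6
    return "0x%08x.0x%08x" % (int(dt.timestamp()) + NTP_OFFSET, frac)

def add_time(parent, tag, dt):
    elem = ET.SubElement(parent, tag, ntpstamp=ntpstamp(dt))
    elem.text = dt.astimezone(timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ")

def add_endpoint(alert, tag, ip_int, port):
    """Append a Source or Target holding an IPv4 address and an optional port."""
    end = ET.SubElement(alert, tag)
    addr = ET.SubElement(ET.SubElement(end, "Node"), "Address", category="ipv4-addr")
    # The row is assumed to store addresses as unsigned 32-bit integers.
    ET.SubElement(addr, "address").text = str(ipaddress.IPv4Address(ip_int))
    if port is not None:
        ET.SubElement(ET.SubElement(end, "Service"), "port").text = str(port)

def row_to_idmef(row, analyzer_id="snort-sensor-1", created=None):
    """Build one IDMEF-Message/Alert element from an event row (dict)."""
    created = created or datetime.now(timezone.utc)
    msg = ET.Element("IDMEF-Message", {"version": "1.0", "xmlns": IDMEF_NS})
    alert = ET.SubElement(msg, "Alert", messageid="%d-%d" % (row["sid"], row["cid"]))
    ET.SubElement(alert, "Analyzer", analyzerid=analyzer_id, name="snort")
    add_time(alert, "CreateTime", created)           # when this message was built
    add_time(alert, "DetectTime", row["timestamp"])  # when the sensor saw the event
    add_endpoint(alert, "Source", row["ip_src"], row.get("sport"))
    add_endpoint(alert, "Target", row["ip_dst"], row.get("dport"))
    ET.SubElement(alert, "Classification", text=row["sig_name"], ident=str(row["sig_id"]))
    return msg

# Constructed sample row (documentation addresses, made-up signature values).
SAMPLE_ROW = {
    "sid": 1, "cid": 42, "sig_id": 1000001, "sig_name": "EXAMPLE constructed alert",
    "timestamp": datetime(2007, 7, 22, 13, 36, 57, tzinfo=timezone.utc),
    "ip_src": int(ipaddress.IPv4Address("192.0.2.10")), "sport": 34567,
    "ip_dst": int(ipaddress.IPv4Address("198.51.100.5")), "dport": 80,
}

if __name__ == "__main__":
    print(ET.tostring(row_to_idmef(SAMPLE_ROW), encoding="unicode"))
```
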
Current thread:
- IDMEF plugin for snort 2.6? Jochen Kaiser (Jul 22)
- Re: IDMEF plugin for snort 2.6? Justin Heath (Jul 22)
- Re: IDMEF plugin for snort 2.6? (infor) urko zurutuza (Jul 23)
- Re: IDMEF plugin for snort 2.6? Justin Heath (Jul 22)
