Snort Log Parser
Contributed by Chad Brandt  
Thursday, 17 June 2004
Simple log parser for Snort IDS.

This program parses the Snort messages in your alert log file and displays them in a format that is easy to understand. By default it shows only the messages for the current day; command-line arguments let you view specific days or all days.

Download Snort Log Parser

Example output:

08/30 03:10:47  TCP  64.246.165.150:56040 -> 65.29.17.55:80       (http_inspect) NON-RFC HTTP DELIMITER    13   
08/30 07:11:27  TCP  65.29.17.55:1492     -> 64.49.216.105:80     WEB-CGI redirect access                  895  
08/30 07:16:18  TCP  65.29.17.55:1858     -> 63.165.133.10:80     WEB-CGI redirect access                  895  
08/30 07:29:41  TCP  65.29.17.55:2030     -> 64.233.179.104:80    WEB-IIS %2E-asp access                   972
