[Oisf-users] [oisf-users] Consolidating Stats File Results from Multiple Interface Monitoring
Victor Julien
victor at inliniac.net
Fri Feb 10 14:20:40 UTC 2012
On 02/10/2012 02:44 AM, Peter Manev wrote:
> Hi,
>
> I don't think this is possible(in suri), you could of course use some
> bash/perl/your choice of scripting to achieve that.
It's indeed not possible right now. I'm a bit torn on it, as I see use
for both cases. Ideally we're have it both simultaneously. Maybe we
should an easily parseble (csv or something) output option.
Cheers,
Victor
>
> Thanks
>
> On Thu, Feb 9, 2012 at 2:33 AM, Josh White <josh at securemind.org
> <mailto:josh at securemind.org>> wrote:
>
> When I run Suri to monitor multiple interfaces like "suricata -c
> /etc/suricata/suricata.yaml -i em1 -i em2 -i em3" the stats.log file
> has multiple entries for each stat. "one entry for each interface
> being monitored"
>
> Is there an easy way to consolidate the stats so all the interface
> stats are consolidated?
>
> Josh
>
> _______________________________________________
> Oisf-users mailing list
> Oisf-users at openinfosecfoundation.org
> <mailto:Oisf-users at openinfosecfoundation.org>
> http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
>
>
>
>
> --
> Peter Manev
>
>
> _______________________________________________
> Oisf-users mailing list
> Oisf-users at openinfosecfoundation.org
> http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
--
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------
More information about the Oisf-users
mailing list