[Oisf-users] Logging full sessions and HTTP logs concurrently

Cooper F. Nelson cnelson at ucsd.edu
Thu Sep 19 14:41:32 UTC 2013



Snort ships with a tool (u2boat) that converts u2 files to pcaps.

http://taosecurity.blogspot.com/2010/11/two-new-tools-in-snort.html

On 9/19/2013 2:28 AM, Victor Julien wrote:
> 
> When fixed, this works by pushing the tags into the unified2 records,
> so barnyard2 would have to make pcap files out of that. Not sure how
> to configure by2 for that though.
> 

-- 
Cooper Nelson
Network Security Analyst
UCSD ACT Security Team
cnelson at ucsd.edu x41042
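The conversion discussed in this message (packet records in a unified2 file turned into a pcap), as an added example that is not part of the original post and is not u2boat's or barnyard2's code. It assumes the unified2 layout of a big-endian 8-byte record header (type, length) and a type 2 packet record made of seven 32-bit fields followed by the packet bytes; the sample input is constructed.

```python
import io
import struct

U2_PACKET = 2                    # unified2 record type that carries a raw packet (assumed layout)
REC_HDR = struct.Struct(">II")   # record type, record length (big-endian)
PKT_HDR = struct.Struct(">7I")   # sensor, event id, event sec, pkt sec, pkt usec, linktype, pkt len


def u2_packets(stream):
    """Yield (sec, usec, linktype, data) for each packet record in a unified2 stream."""
    while True:
        hdr = stream.read(REC_HDR.size)
        if len(hdr) < REC_HDR.size:
            return               # end of file, or a header cut short
        rtype, rlen = REC_HDR.unpack(hdr)
        body = stream.read(rlen)
        if len(body) < rlen:
            return               # record still being written by the sensor
        if rtype != U2_PACKET or rlen < PKT_HDR.size:
            continue             # event and extra-data records carry no packet
        _, _, _, sec, usec, linktype, plen = PKT_HDR.unpack_from(body)
        data = body[PKT_HDR.size:PKT_HDR.size + plen]
        if len(data) == plen:    # drop records whose length field overruns the body
            yield sec, usec, linktype, data


def u2_to_pcap(u2_bytes):
    """Return classic pcap bytes holding every packet found in u2_bytes."""
    out, wrote_header = io.BytesIO(), False
    for sec, usec, linktype, data in u2_packets(io.BytesIO(u2_bytes)):
        if not wrote_header:
            # pcap global header: magic, version 2.4, tz, sigfigs, snaplen, linktype
            # (a pcap has one linktype; the first packet's is used)
            out.write(struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, linktype))
            wrote_header = True
        out.write(struct.pack("<IIII", sec, usec, len(data), len(data)))
        out.write(data)
    return out.getvalue()


def make_record(rtype, body):
    """Helper for the constructed sample: wrap a body in a unified2 record header."""
    return REC_HDR.pack(rtype, len(body)) + body


# Constructed sample: one non-packet record followed by one packet record.
FRAME = bytes.fromhex("ffffffffffff0200000000010800") + b"\x00" * 46
SAMPLE = (make_record(7, b"\x00" * 52) +
          make_record(U2_PACKET, PKT_HDR.pack(0, 1, 1379601692, 1379601692, 250, 1, len(FRAME)) + FRAME))

if __name__ == "__main__":
    print(len(u2_to_pcap(SAMPLE)), "bytes of pcap")
```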


