[Oisf-users] --pcap-dir equivalent?
Chris Wakelin
c.d.wakelin at reading.ac.uk
Wed Oct 22 22:00:35 UTC 2014
Have a look at
https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Interacting_via_Unix_Socket
I think the bit under "Pcap processing mode" is what you want?
Best Wishes,
Chris
On 22/10/14 22:20, Duane Howard wrote:
> Does Suricata have a --pcap-dir equivalent? Or a better method of running
> through a stack of pcap files that doesn't involve looping over -r, or
> using tcpreplay or similar?
>
> ./d
>
>
>
> _______________________________________________
> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
> Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
> Training now available: http://suricata-ids.org/training/
>
--
--+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+-
Christopher Wakelin, c.d.wakelin at reading.ac.uk
IT Services Centre, The University of Reading, Tel: +44 (0)118 378 2908
Whiteknights, Reading, RG6 6AF, UK Fax: +44 (0)118 975 3094
More information about the Oisf-users
mailing list