[Oisf-users] --pcap-dir equivalent?

Duane Howard duane.security at gmail.com
Wed Oct 22 22:07:53 UTC 2014


Thanks, I think that'll do. =)

On Wed, Oct 22, 2014 at 3:00 PM, Chris Wakelin <c.d.wakelin at reading.ac.uk>
wrote:

> Have a look at
>
> https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Interacting_via_Unix_Socket
>
> I think the bit under "Pcap processing mode" is what you want?
>
> Best Wishes,
> Chris
>
> On 22/10/14 22:20, Duane Howard wrote:
> > Does Suricata have a --pcap-dir equivalent? Or a better method of running
> > through a stack of pcap files that doesn't involve looping over -r, or
> > using tcpreplay or similar?
> >
> > ./d
> >
> >
> >
> > _______________________________________________
> > Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
> > Site: http://suricata-ids.org | Support:
> http://suricata-ids.org/support/
> > List:
> https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
> > Training now available: http://suricata-ids.org/training/
> >
>
> --
> --+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+-
> Christopher Wakelin,                           c.d.wakelin at reading.ac.uk
> IT Services Centre, The University of Reading,  Tel: +44 (0)118 378 2908
> Whiteknights, Reading, RG6 6AF, UK              Fax: +44 (0)118 975 3094
> _______________________________________________
> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
> Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
> Training now available: http://suricata-ids.org/training/
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20141022/870b3a70/attachment-0002.html>


More information about the Oisf-users mailing list