
SnortSnarf



Does anybody use SnortSnarf to produce HTML output from snort's logs?
When I invoke SnortSnarf

# ./snortsnarf.pl /var/log/syslog.log /var/log/snort/snort.log 

it skips all of snort's records from the log files:

...
unknown alert format for line: Dec 21 13:32:02 hellix snort: NMAP TCP ping!: 216.104.228.102:80 -> 193.125.199.13:80 ; skipping
...

...
unknown alert format for line: tиA:< at include/snort_alert_parse.pl line 78, <alertfh00> chunk 11.
...

Where should SnortSnarf find out the alert format from?

-- 
With best wishes, Dnitry Rojkov


