Examples

# cat snort*.rules | ./snortalog.pl -genref refsigtxt
SnortALog will generate a referenced rules file from your Snort rules or your own signatures.
# cat file.logs | ./snortalog.pl -r -n 30 -report
SnortALog will generate a report in ASCII format with address resolution and a maximum of 30 occurrences for all reports.
# cat file.logs | ./snortalog.pl -n 30 -report -fether eth1
SnortALog will generate a report in ASCII format with an interface filter (here eth1).
# cat file.logs | ./snortalog.pl -r -n 30 -dst_attack
SnortALog will generate a report in ASCII format with address resolution and a maximum of 30 occurrences for the dst_attack report.
# cat file.logs | ./snortalog.pl -r -i -o file.html -report
SnortALog will generate a report in HTML format stored in file.html, with address resolution, and display the results from least frequent to most frequent occurrences (reverse mode).
# cat file.logs | ./snortalog.pl -r -g gif -o /tmp/file.html -report
Same as the previous example but with GIF graphs and in a specific directory.
# cat file.logs | ./snortalog.pl -o file.pdf -report
SnortALog will generate a report in PDF format stored in file.pdf.
# fwm logexport -n -p | ./snortalog.pl -r -n 30 -report -o report.pdf
SnortALog will generate a report in PDF format directly from the CheckPoint command line.
# cat file.logs | ./snortalog.pl -i -n 30 -report | /usr/sbin/sendmail -f user@domain user@domain
SnortALog will generate a report in ASCII format in reverse mode with a maximum of 30 occurrences, and send the result by mail.
# cat file_200212[1-7] | ./snortalog.pl -report
SnortALog will generate a report in ASCII format with all events of the first week of December (between the 1st and 7th).
# cat file_20021* | ./snortalog.pl -report
SnortALog will generate a report in ASCII format with all events of the last three months of the year 2002 (months 10, 11 and 12).
# ./snortalog.pl -x
Run SnortALog with the "-x" option to launch the Graphical User Interface.