[Dshield] dshield_snort.pl

Eric Rosander erosander at matrixns.com
Thu Oct 11 17:37:48 GMT 2001


You have an older script, something changed in the Snort 1.8 format that
started producing the blank reports.  I have a modified script I got
from Mr. Ullrich a while back.  Email me and I can send it to you as an
attachment if you like, or we can petition Mr. Ullrich to post it to the
dshield site in all his spare time.... ;)

-------------------------------------------
Eric Rosander CISSP, GSEC, CCNA, MCSE/MCP+I
Managing Consultant, Network Security
Matrix Network Solutions
(916)601-3241
erosander at matrixns.com
http://www.matrixns.com
-------------------------------------------

-----Original Message-----
From: dshield-admin at dshield.org [mailto:dshield-admin at dshield.org] On
Behalf Of Peter Borner
Sent: Thursday, October 11, 2001 6:17 AM
To: dshield at dshield.org
Subject: [Dshield] dshield_snort.pl


Hi,

I'm new to Dshield. I've downloaded the dshield_snort.pl script and
customised the script with my email addresses, server etc. In order to
test the script is working I set the "To" address to my own email
address. I fire off the script as follows:
 
./dsheild_snort.pl /var/log/snort/alert
 
I wait a few seconds, the script completes and I get a new email in my
mailbox. However, the body of the email is blank. Does anyone have
experience of using this script and if so can they help me. I am afraid
that PERL may as well be Greek to me!
 
TIA
 
Peter.





More information about the list mailing list