SNORT: How to read a snort.log file
Onnowpurbo (talk | contribs)
Latest revision as of 10:04, 5 December 2018
Source: https://www.safaribooksonline.com/library/view/snort-cookbook/0596007914/ch01s20.html
Use the -r <filename> option to read a binary capture file in libpcap format:
snort -dv -r /var/log/snort/snort.log.1085148255
If we want to read the binary file snort.log.1085148255 and store all of the traffic in ASCII format in a directory:
snort -r /var/log/snort/snort.log.1085148255 -l ~/log.txt
The following reads the binary file snort.log.1085148255 and processes the traffic according to the parameters in snort.conf:
snort -r /var/log/snort/snort.log.1085148255 -l ~/log -c /etc/snort/snort.conf
The following reads the binary file snort.log.1085148255 and displays only TCP traffic on screen:
snort -dv -r /var/log/snort/snort.log.1085148255 tcp
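The snort.log.* files that -r reads are ordinary libpcap captures, and the trailing "tcp" in the last command is a BPF filter, so the same inspection can be done on an analysis host that has no Snort installed. The script below is an added example, not code from the page or from the Snort project: it parses the libpcap container (24-byte global header, 16-byte record headers), decodes Ethernet/IPv4/TCP/UDP, applies a protocol filter like the "tcp" argument, and prints a -dv style summary with a hex/ASCII payload dump. The capture it reads is constructed in memory (the addresses, ports, timestamps and payloads are sample values); to run it on a real file, replace SAMPLE_PCAP with the bytes of /var/log/snort/snort.log.<timestamp>. It assumes Ethernet link type (DLT 1) and IPv4 frames, which is what a Snort sensor on an Ethernet interface records.

```python
"""Read a Snort binary log (libpcap format) without Snort (added example)."""
import socket
import struct
from typing import Dict, Iterator, List, Optional, Tuple

TCP_FLAGS = [(0x01, "F"), (0x02, "S"), (0x04, "R"), (0x08, "P"), (0x10, "A"), (0x20, "U")]


def ethernet_ipv4(src: str, dst: str, proto: int, payload: bytes) -> bytes:
    """Build an Ethernet II frame carrying an IPv4 packet (constructed sample data)."""
    eth = bytes.fromhex("001122334455") + bytes.fromhex("66778899aabb") + b"\x08\x00"
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0x1234, 0x4000,
                     64, proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return eth + ip + payload


def tcp_segment(sport: int, dport: int, flags: int, data: bytes = b"") -> bytes:
    # 20-byte header (data offset 5 words); checksum left zero, it is not verified here
    return struct.pack("!HHIIBBHHH", sport, dport, 1, 0, 5 << 4, flags, 8192, 0, 0) + data


def udp_datagram(sport: int, dport: int, data: bytes = b"") -> bytes:
    return struct.pack("!HHHH", sport, dport, 8 + len(data), 0) + data


def build_pcap(frames: List[bytes], first_ts: int = 1_700_000_000) -> bytes:
    """Write a little-endian libpcap file: global header, then one record per frame."""
    out = [struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)]  # DLT 1 = Ethernet
    for i, frame in enumerate(frames):
        out.append(struct.pack("<IIII", first_ts + i, 0, len(frame), len(frame)))
        out.append(frame)
    return b"".join(out)


def read_pcap(data: bytes) -> Iterator[Tuple[int, int, bytes]]:
    """Yield (ts_sec, ts_usec, frame) per record; the magic number gives the byte order."""
    (magic,) = struct.unpack("<I", data[:4])
    endian = {0xA1B2C3D4: "<", 0xD4C3B2A1: ">"}.get(magic)
    if endian is None:
        raise ValueError("not a libpcap file (magic %#x)" % magic)
    *_, linktype = struct.unpack(endian + "IHHiIII", data[:24])
    if linktype != 1:
        raise ValueError("only Ethernet (DLT 1) captures are handled")
    off = 24
    while off + 16 <= len(data):
        ts_sec, ts_usec, incl_len, _ = struct.unpack(endian + "IIII", data[off:off + 16])
        off += 16
        yield ts_sec, ts_usec, data[off:off + incl_len]
        off += incl_len


def decode_frame(frame: bytes) -> Optional[Dict]:
    """Decode Ethernet/IPv4/{TCP,UDP}; returns None for anything that is not IPv4."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":
        return None
    ihl = (frame[14] & 0x0F) * 4
    proto = frame[23]
    pkt = {"src": ".".join(map(str, frame[26:30])), "dst": ".".join(map(str, frame[30:34]))}
    l4 = frame[14 + ihl:]
    if proto == 6 and len(l4) >= 20:
        sport, dport = struct.unpack("!HH", l4[:4])
        doff = (l4[12] >> 4) * 4
        flags = "".join(name for bit, name in TCP_FLAGS if l4[13] & bit)
        pkt.update(proto="TCP", sport=sport, dport=dport, flags=flags, payload=l4[doff:])
    elif proto == 17 and len(l4) >= 8:
        sport, dport = struct.unpack("!HH", l4[:4])
        pkt.update(proto="UDP", sport=sport, dport=dport, flags="", payload=l4[8:])
    else:
        pkt.update(proto="IP/%d" % proto, sport=None, dport=None, flags="", payload=l4)
    return pkt


def summarize(pcap: bytes, proto_filter: Optional[str] = None) -> List[Dict]:
    """Like `snort -dv -r <file> [tcp|udp]`: one summary dict per matching packet."""
    rows = []
    for ts_sec, ts_usec, frame in read_pcap(pcap):
        pkt = decode_frame(frame)
        if pkt is None or (proto_filter and pkt["proto"] != proto_filter.upper()):
            continue
        pkt["ts"] = ts_sec + ts_usec / 1e6
        rows.append(pkt)
    return rows


def hexdump(data: bytes, width: int = 16) -> List[str]:
    """The -d style hex/ASCII dump of a payload."""
    lines = []
    for i in range(0, len(data), width):
        chunk = data[i:i + width]
        hexpart = " ".join("%02X" % b for b in chunk).ljust(width * 3 - 1)
        lines.append("%s  %s" % (hexpart, "".join(chr(b) if 32 <= b < 127 else "." for b in chunk)))
    return lines


# Constructed sample capture: a TCP SYN, a PSH/ACK carrying an HTTP request, and a UDP DNS query.
SAMPLE_PCAP = build_pcap([
    ethernet_ipv4("192.0.2.10", "198.51.100.5", 6, tcp_segment(40000, 80, 0x02)),
    ethernet_ipv4("192.0.2.10", "198.51.100.5", 6, tcp_segment(40000, 80, 0x18, b"GET / HTTP/1.0\r\n")),
    ethernet_ipv4("192.0.2.10", "198.51.100.53", 17, udp_datagram(5353, 53, b"\x12\x34\x01\x00")),
])

if __name__ == "__main__":
    for pkt in summarize(SAMPLE_PCAP, "tcp"):  # same selection as the trailing "tcp" BPF filter
        print("%.6f %s:%s -> %s:%s %s %s" % (pkt["ts"], pkt["src"], pkt["sport"],
                                             pkt["dst"], pkt["dport"], pkt["proto"], pkt["flags"]))
        for line in hexdump(pkt["payload"]):
            print("    " + line)
```

Reading the capture this way is useful when the sensor's snort.conf is unavailable and you only need to confirm what was recorded; Snort's own -c run (the third command above) is still what applies the rule set to the traffic.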
References