SNORT: How to read a snort.log file

From OnnoWiki
Latest revision as of 10:04, 5 December 2018

Source: https://www.safaribooksonline.com/library/view/snort-cookbook/0596007914/ch01s20.html


A snort.log.<timestamp> file written by Snort's binary (-b) logging is a normal libpcap capture. Use the -r <filename> option to read such a file back; -d dumps the application-layer payload and -v prints each packet to the screen:

 snort -dv -r /var/log/snort/snort.log.1085148255

To read the binary file snort.log.1085148255 and write all of its traffic out in decoded ASCII form, give a log directory with -l. Note that -l names a directory (Snort creates its per-host subdirectories under it), so ~/log.txt here is a directory name despite the .txt suffix:

 snort -r /var/log/snort/snort.log.1085148255 -l ~/log.txt

To read the binary file snort.log.1085148255 and run the traffic through the rules and preprocessors configured in snort.conf (the same processing it would have received live), add -c:

 snort -r /var/log/snort/snort.log.1085148255 -l ~/log -c /etc/snort/snort.conf

To read the binary file snort.log.1085148255 and display only the TCP traffic on the screen, append a filter expression. The trailing tcp is a BPF filter in the same syntax tcpdump uses, so expressions such as host 10.0.0.5 and port 80 work here too:

 snort -dv -r /var/log/snort/snort.log.1085148255 tcp
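Because the binary log is plain libpcap, it can be inspected without Snort at all. The following is an added example (not code from the page or from the Snort project): a minimal libpcap reader in Python that walks the global header and packet records, decodes Ethernet/IPv4 and the TCP/UDP ports, and applies a protocol filter, which is what the trailing tcp expression above asks Snort to do. The sample capture SAMPLE_SNORT_LOG is constructed inline for the example; the 1085148255 timestamp is borrowed from the file name on this page, and the addresses and ports are made up.

```python
import struct
import sys
from dataclasses import dataclass

# libpcap magic numbers (microsecond timestamps); the byte order of the
# magic tells us the byte order of every header in the file.
PCAP_MAGIC_LE = b"\xd4\xc3\xb2\xa1"
PCAP_MAGIC_BE = b"\xa1\xb2\xc3\xd4"
LINKTYPE_ETHERNET = 1
IPPROTO_TCP = 6
IPPROTO_UDP = 17


@dataclass
class Packet:
    ts: float
    proto: int
    src: str
    dst: str
    sport: int
    dport: int
    payload: bytes


def iter_pcap(data: bytes):
    """Yield (timestamp, frame_bytes) for every record in a libpcap file."""
    if len(data) < 24:
        raise ValueError("truncated pcap global header")
    magic = data[:4]
    if magic == PCAP_MAGIC_LE:
        endian = "<"
    elif magic == PCAP_MAGIC_BE:
        endian = ">"
    else:
        raise ValueError("not a libpcap file: magic %s" % magic.hex())
    # version_major, version_minor, thiszone, sigfigs, snaplen, linktype
    _vmaj, _vmin, _zone, _sig, snaplen, linktype = struct.unpack(endian + "HHiIII", data[4:24])
    if linktype != LINKTYPE_ETHERNET:
        raise ValueError("unsupported link type %d (only Ethernet handled here)" % linktype)
    off = 24
    while off + 16 <= len(data):
        ts_sec, ts_usec, incl_len, _orig_len = struct.unpack(endian + "IIII", data[off:off + 16])
        off += 16
        # A record longer than the snaplen or running past EOF means a corrupt
        # or truncated file; refuse to guess rather than silently misparse.
        if incl_len > snaplen or off + incl_len > len(data):
            raise ValueError("truncated or corrupt packet record at offset %d" % off)
        yield ts_sec + ts_usec / 1e6, data[off:off + incl_len]
        off += incl_len
    if off != len(data):
        raise ValueError("trailing bytes after last packet record")


def decode(ts: float, frame: bytes):
    """Decode Ethernet/IPv4 and the TCP/UDP ports; return None for other traffic."""
    if len(frame) < 14 or struct.unpack("!H", frame[12:14])[0] != 0x0800:
        return None
    ip = frame[14:]
    if len(ip) < 20 or ip[0] >> 4 != 4:
        return None
    ihl = (ip[0] & 0x0F) * 4
    total_len = struct.unpack("!H", ip[2:4])[0]
    proto = ip[9]
    src = ".".join(str(b) for b in ip[12:16])
    dst = ".".join(str(b) for b in ip[16:20])
    l4 = ip[ihl:total_len]
    sport = dport = 0
    payload = l4
    if proto == IPPROTO_TCP and len(l4) >= 20:
        sport, dport = struct.unpack("!HH", l4[:4])
        payload = l4[(l4[12] >> 4) * 4:]  # skip the TCP header and options
    elif proto == IPPROTO_UDP and len(l4) >= 8:
        sport, dport = struct.unpack("!HH", l4[:4])
        payload = l4[8:]
    return Packet(ts, proto, src, dst, sport, dport, payload)


def read_snort_log(data: bytes, proto: int = None):
    """Equivalent of `snort -r <file> [tcp|udp]`: decode and filter by IP protocol."""
    pkts = []
    for ts, frame in iter_pcap(data):
        p = decode(ts, frame)
        if p is not None and (proto is None or p.proto == proto):
            pkts.append(p)
    return pkts


# --- constructed sample capture (not a real snort.log) -----------------------
def _frame(proto, src, dst, l4):
    eth = b"\x00\x11\x22\x33\x44\x55" + b"\x66\x77\x88\x99\xaa\xbb" + b"\x08\x00"
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 1, 0, 64, proto, 0,
                     bytes(int(o) for o in src.split(".")), bytes(int(o) for o in dst.split(".")))
    return eth + ip + l4


def _tcp(sport, dport, payload):
    return struct.pack("!HHIIBBHHH", sport, dport, 1, 0, 0x50, 0x18, 8192, 0, 0) + payload


def _udp(sport, dport, payload):
    return struct.pack("!HHHH", sport, dport, 8 + len(payload), 0) + payload


def _record(ts_sec, ts_usec, frame):
    return struct.pack("<IIII", ts_sec, ts_usec, len(frame), len(frame)) + frame


SAMPLE_SNORT_LOG = (
    PCAP_MAGIC_LE + struct.pack("<HHiIII", 2, 4, 0, 0, 65535, LINKTYPE_ETHERNET)
    + _record(1085148255, 0, _frame(IPPROTO_TCP, "10.0.0.5", "10.0.0.80", _tcp(40000, 80, b"GET / HTTP/1.0\r\n\r\n")))
    + _record(1085148255, 500, _frame(IPPROTO_UDP, "10.0.0.5", "10.0.0.53", _udp(5353, 53, b"\x12\x34")))
    + _record(1085148256, 0, _frame(IPPROTO_TCP, "10.0.0.80", "10.0.0.5", _tcp(80, 40000, b"HTTP/1.0 200 OK\r\n")))
)

if __name__ == "__main__":
    # Pass a real snort.log.<timestamp> path to read it instead of the sample.
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE_SNORT_LOG
    for p in read_snort_log(data, proto=IPPROTO_TCP):
        print(f"{p.ts:.6f} {p.src}:{p.sport} -> {p.dst}:{p.dport} {len(p.payload)} bytes payload")
```

Run it with no arguments to see the two TCP packets of the constructed sample, or with the path of a snort.log file to list its TCP packets. The reader deliberately raises on a bad magic number or a record that runs past the end of the file; a log that was being written when Snort was stopped often ends in a partial record, and it is better to see that than to silently lose packets.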



==References==

* https://www.safaribooksonline.com/library/view/snort-cookbook/0596007914/ch01s20.html

==Interesting links==

* [[Snort]]