SNORT: Cara membaca snort.log file

From OnnoWiki
Revision as of 10:04, 5 December 2018 by Onnowpurbo (talk | contribs) (→‎Referensi)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Sumber: https://www.safaribooksonline.com/library/view/snort-cookbook/0596007914/ch01s20.html


Gunakan opsi -r <filename> untuk membaca capture file binary dari libpcap format, 

snort -dv -r /var/log/snort/snort.log.1085148255

Jika kita ingin menbaca binary file snort.log.1085148255 dan menyimpan semua taffic dalam bentuk format ASCII di directory, 

snort -r /var/log/snort/snort.log.1085148255 -l ~/log.txt

berikut adalah membaca binary file snort.log.108514825 dan memproses traffic sesuai dengan parameter snort.conf, 

snort -r /var/log/snort/snort.log.1085148255 -l ~/log -c /etc/snort/snort.conf

berikut adalah membaca binary file snort.log.1085148255 dan menayangkan hanya traffic TCP ke layar: 

snort -dv -r /var/log/snort/snort.log.1085148255 tcp



Referensi


Pranala Menarik

Retrieved from "https://onnocenter.or.id/wiki/index.php?title=SNORT:_Cara_membaca_snort.log_file&oldid=52891"