TechQA.

Reading snort log pcap file

380 views Asked by At

What I am upto?

1)I am using inotifytools to watch on var/log/snort dir 2) as soon as new log file generated in this dir, I add it to a pipe with a shell script. 3) this shell script gives me newly added line(new packet) to that log file which looks something like this 0600 0108 0006 0400 01c4 6e1f 11b3 99c0

What I want?

How can I create new pcap file with only this packet? 0600 0108 0006 0400 01c4 6e1f 11b3 99c0

Why I want it? The above created pcap file I will use to give input to dpkt.pcap.Reader to get details about that packet

python shell pcap snort
Original Q&A
0

There are 0 answers

Related Questions in PYTHON

Related Questions in SHELL

Related Questions in PCAP

Related Questions in SNORT

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions