
Hi guys, does anyone know how to observe the logs coming into a Linux device in a normalized form rather than as packets (Wireshark)? The logs should be properly, or nearly, divided into individual fields. Can you suggest some open-source tools for that?

Edit: I want to create rules in an IDS based on that. It is for an IDS project. I want to look at the logs coming in after enabling an attack, to create rules accordingly. But in Snort, all I can see is the packet format, which is not that useful to me. Let's say we get logs in the format in which we receive them in QRadar or Sentinel; it would be much easier to understand. Basically, I want the logs parsed and mapped to fields.

submitted by /u/Savings_County_9309
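As an added example (not part of the Reddit post above, and not Snort's own code), here is one way to get the "parsed and mapped to fields" view the poster asks for from what Snort already writes: a small parser for Snort's one-line alert_fast output that turns each alert into named fields (timestamp, gid/sid/rev, message, classification, priority, protocol, source and destination IP and port) and counts how often each rule fired during an attack run. The alert lines and rule IDs (sid 1000001 and 1000002 in the local-rules range) are constructed for the example and do not come from a real sensor; the layout follows Snort's documented fast-alert format, including the two edge cases a practitioner hits first: a rule without a classtype prints no [Classification: ...] block, and ICMP endpoints carry no port.

```python
import re
from collections import Counter
from typing import Optional

# Snort "alert_fast" output: one alert per line in the form
#   MM/DD-HH:MM:SS.ffffff  [**] [gid:sid:rev] msg [**] [Classification: ...] [Priority: N] {PROTO} src -> dst
# The [Classification: ...] block is absent when a rule has no classtype,
# and ICMP endpoints carry no port. The sample lines further down are
# constructed for this example and do not come from a real sensor.
FAST_ALERT_RE = re.compile(
    r"^(?P<timestamp>\d{2}/\d{2}(?:/\d{2,4})?-\d{2}:\d{2}:\d{2}\.\d+)\s+"
    r"\[\*\*\]\s+\[(?P<gid>\d+):(?P<sid>\d+):(?P<rev>\d+)\]\s+"
    r"(?P<msg>.*?)\s+\[\*\*\]\s+"
    r"(?:\[Classification:\s*(?P<classification>[^\]]+)\]\s+)?"
    r"\[Priority:\s*(?P<priority>\d+)\]\s+"
    r"\{(?P<proto>[A-Za-z0-9]+)\}\s+"
    r"(?P<src>\S+)\s+->\s+(?P<dst>\S+)$"
)


def split_endpoint(endpoint: str, proto: str) -> tuple[str, Optional[int]]:
    """Split 'ip:port' into (ip, port); port is None for protocols without ports."""
    if proto.upper() in ("TCP", "UDP") and ":" in endpoint:
        ip, _, port = endpoint.rpartition(":")
        return ip, int(port)
    return endpoint, None


def parse_alert(line: str) -> Optional[dict]:
    """Map one alert_fast line to named fields; return None if the line is not an alert."""
    m = FAST_ALERT_RE.match(line.strip())
    if not m:
        return None
    f = m.groupdict()
    src_ip, src_port = split_endpoint(f["src"], f["proto"])
    dst_ip, dst_port = split_endpoint(f["dst"], f["proto"])
    return {
        "timestamp": f["timestamp"],
        "gid": int(f["gid"]),
        "sid": int(f["sid"]),
        "rev": int(f["rev"]),
        "msg": f["msg"],
        "classification": f["classification"],  # None when the rule has no classtype
        "priority": int(f["priority"]),
        "proto": f["proto"].upper(),
        "src_ip": src_ip,
        "src_port": src_port,
        "dst_ip": dst_ip,
        "dst_port": dst_port,
    }


def parse_alerts(text: str) -> list[dict]:
    """Parse a whole alert file, silently skipping lines that are not alerts."""
    parsed = (parse_alert(line) for line in text.splitlines())
    return [a for a in parsed if a is not None]


def count_by_sid(alerts: list[dict]) -> dict[int, int]:
    """How often each rule fired: a quick view of what an attack run triggered."""
    return dict(Counter(a["sid"] for a in alerts))


# Constructed sample input (not real sensor output): three alerts from
# hypothetical local rules (sid 1000001 and 1000002) plus one non-alert line.
SAMPLE_FAST_ALERTS = """\
01/02-03:04:05.123456  [**] [1:1000001:1] LOCAL test rule hit [**] [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 192.168.1.5:80 -> 10.0.0.3:51234
01/02-03:04:06.000001  [**] [1:1000002:1] LOCAL icmp probe [**] [Priority: 3] {ICMP} 10.0.0.3 -> 192.168.1.5
01/02-03:04:07.500000  [**] [1:1000001:1] LOCAL test rule hit [**] [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 192.168.1.5:80 -> 10.0.0.3:51235
-- this is not an alert line and is skipped --
"""

if __name__ == "__main__":
    alerts = parse_alerts(SAMPLE_FAST_ALERTS)
    for alert in alerts:
        print(alert)
    print(count_by_sid(alerts))
```

Point the script at the alert file Snort writes (typically alert or alert_fast.txt under its log directory) instead of the embedded sample, and each dict is the field-mapped view the poster describes; from there, grouping by sid, src_ip or dst_port shows which rules an attack run tripped and which traffic slipped through unmatched, which is what you need when deciding what new rule to write. If the parsing itself is the obstacle rather than the goal, note that Snort 3's alert_json output and Suricata's EVE JSON log already emit one structured JSON record per alert, which a SIEM such as QRadar or Sentinel ingests directly.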


