Thanks for all the fixes lately! I've got the latest git version packaged and it looks like we're making great progress!
I'm running as follows:

    sudo netsniff-ng -i eth0 -o test/ --interval 1MiB -Psnort.log -s

In my test directory, I have filenames like:

    snort.log-1352859267.pcap

However, Sguil is expecting the filenames to be like this:

    snort.log.1352854983

Would you mind fixing this format or making the format more configurable? Or should I just do a quick-and-dirty hack?

Thanks!
Doug

On Thu, Nov 1, 2012 at 6:46 AM, Doug Burks <[email protected]> wrote:
> On Wed, Oct 31, 2012 at 2:26 PM, Daniel Borkmann <[email protected]> wrote:
> > On Wed, Oct 31, 2012 at 2:52 PM, Doug Burks <[email protected]> wrote:
> >> On Wed, Oct 31, 2012 at 9:51 AM, Daniel Borkmann <[email protected]> wrote:
> >>> For future reference, I've added an entry in our TODO file to do this properly.
> >>
> >> Awesome, thanks!
> >
> > Done. Path prefix and interval in size should work now. I've just
> > pushed a version into the Github repository.
> >
> > Would be great if you could test it (after the libnl3 issue has been fixed).
>
> Wow, thanks for the quick turnaround on those new features! Looking
> forward to testing them!
>
> Thanks,
> --
> Doug Burks
> http://securityonion.blogspot.com

--
Doug Burks
http://securityonion.blogspot.com
