in reply to Re^2: Help with Snort and File::Tail
in thread Help with Snort and File::Tail

You asked how to "read each alert". You haven't been clear as to what you consider an alert, but I presume what you posted is an example of one. If that's the case, then I gave code that does what you ask.

Even less clear is "I read @array = <SNORTFILE> so this would be in an array format.", which I took to mean you wanted the alert in an array, one element per line. It would be just as easy to extract each alert as a (multiline) string, if that's what you prefer.

You also asked how to parse the alert, but you didn't specify what information you wanted to extract, so I didn't touch that.

Re^4: Help with Snort and File::Tail
by Anonymous Monk on Jun 23, 2011 at 18:57 UTC
    I posted the code I have on my initial post. If you're looking at it and see something you don't understand let me know. Otherwise I don't care too much about conventions and stuff. I'll worry about making some subroutines and stuff like that after I get everything working. But it seems to freeze or something and I can't figure out why...

      I'm very wary of even looking at code that's not strict-safe (especially code that long), and lots of the code you posted is not relevant to your problem.

      Start a new thread for the new problem, and do a proper job of asking the question. Specifically, I'm interested in minimal, runnable code, which might require that you provide some data.