I just cooked up a perl script to do just this because people keep wanting to use Snort for it. The script uses a Snort database as it's back end and will create log entries the same as the Snort engine would, including packet data.
The code is still very much in the early phase but a functioning version with minimal testing is available @ http://cerberus.sourcefire.com/~jbrvenik/unified_perl/ MARTIN Benoni wrote: > Do you want to do this one or periodically ? For once, really easy : > > 1. Import your pcap file under Ethereal. > 2. Export it in CSV format > (http://www.ethereal.com/docs/eug_html/#ChIOExportCSVDialog) > 3. Import the CSV file in a SQL Database. Drop me an email if you want the > stored procedure for this (10 lines max :) ) > > Hope this helps ! > > > > -----Message d'origine----- > De : [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > Envoyé : jeudi 10 août 2006 11:20 > À : [email protected] > Objet : Export ethereal cap file to SQL database with all details > > Hi All, > > > > I want to export ethereal cap file to SQL database with all details. > > > > Please suggest any method for it. > > > > Regards, > > Nagesh Lad > > ------------------------------------------------------------------------ > Test Your IDS > > Is your IDS deployed correctly? > Find out quickly and easily by testing it with real-world attacks from CORE > IMPACT. > Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 > to learn more. > ------------------------------------------------------------------------ > > > ------------------------------------------------------------------------ > Test Your IDS > > Is your IDS deployed correctly? > Find out quickly and easily by testing it > with real-world attacks from CORE IMPACT. > Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 > to learn more. > ------------------------------------------------------------------------ > > -- Jason Brvenik - Sourcefire PGP: 89C6 DE77 3B32 FC03 A5AE B5DD 11DF 4C8B 0D8E 3383 Key: http://cerberus.sourcefire.com/~jbrvenik/jason.brvenik.pgp.key ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------
