Snort 2.9.x – Users Manual
root@bpi-iot-jsho-snort-01:~# apt-get install snort
root@bpi-iot-jsho-snort-01:~# snort -v
Running in packet dump mode
--== Initializing Snort ==--
Initializing Output Plugins!
pcap DAQ configured to passive.
Acquiring network traffic from "eth0".
Decoding Ethernet
--== Initialization Complete ==--
   ,,_     -*> Snort! <*-
  o"  )~   Version 2.9.7.0 GRE (Build 149)
   ''''    By Martin Roesch & The Snort Team: http://www.snort.org/contact#team
Copyright (C) 2014 Cisco and/or its affiliates. All rights reserved.
Copyright (C) 1998-2013 Sourcefire, Inc., et al.
Using libpcap version 1.8.1
Using PCRE version: 8.39 2016-06-14
Using ZLIB version: 1.2.11
Stay current with the latest updates using Community rules
root@bpi-iot-jsho-snort-01:/# wget https://www.snort.org/downloads/community/community-rules.tar.gz -O community-rules.tar.gz
root@bpi-iot-jsho-snort-01:/# tar -xvzf community-rules.tar.gz -C /etc/snort/rules
https://www.snort.org/faq/readme-unified2
U2SpewFoo is a lightweight tool for dumping the contents of unified2 files to stdout.
root@bpi-iot-jsho-snort-01:~# cd /var/log/snort
root@bpi-iot-jsho-snort-01:~# u2spewfoo snort.log
U2boat is a tool for converting unified2 files into different formats. Currently supported conversion formats are: pcap.
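To show what u2spewfoo and u2boat are reading, here is an added example (not part of the original page and not Snort project code) that walks the records of a unified2 file and decodes IPv4 event records, using the record layout from the README.unified2 linked above. The function names are hypothetical and the sample bytes are constructed; on a sensor, pass an open binary file from /var/log/snort to summarize() instead.

```python
import io
import socket
import struct

# Record type numbers and field order as given in Snort's README.unified2.
UNIFIED2_PACKET = 2
UNIFIED2_IDS_EVENT = 7
UNIFIED2_IDS_EVENT_VLAN = 104            # same leading fields as type 7, plus MPLS/VLAN
HEADER = struct.Struct(">II")            # record type, record length (network byte order)
EVENT = struct.Struct(">9I4s4sHHBBBB")   # first 52 bytes of an IPv4 event record

def read_records(stream):
    """Yield (type, payload) per record; stop cleanly on a truncated tail."""
    while True:
        head = stream.read(HEADER.size)
        if len(head) < HEADER.size:
            return                       # end of file or partial header
        rtype, length = HEADER.unpack(head)
        payload = stream.read(length)
        if len(payload) < length:
            return                       # record not fully written yet
        yield rtype, payload

def decode_event(payload):
    """Decode the common IPv4 event fields into a dict."""
    f = EVENT.unpack_from(payload)
    return {"event_id": f[1], "seconds": f[2],
            "sid": f[4], "gid": f[5], "rev": f[6], "priority": f[8],
            "src": socket.inet_ntoa(f[9]), "dst": socket.inet_ntoa(f[10]),
            "sport": f[11], "dport": f[12], "proto": f[13]}

def summarize(stream):
    """Return decoded events plus a count of complete records that were skipped."""
    events, skipped = [], 0
    for rtype, payload in read_records(stream):
        is_event = rtype in (UNIFIED2_IDS_EVENT, UNIFIED2_IDS_EVENT_VLAN)
        if is_event and len(payload) >= EVENT.size:
            events.append(decode_event(payload))
        else:
            skipped += 1                 # packet, IPv6 and extra-data records
    return events, skipped

def sample_log():
    """Constructed sample: one event, one packet record, one truncated event."""
    ev = EVENT.pack(0, 1, 1500000000, 0, 1000001, 1, 1, 0, 2,
                    socket.inet_aton("192.0.2.10"), socket.inet_aton("198.51.100.20"),
                    40000, 80, 6, 0, 0, 0)
    pkt = struct.pack(">7I", 0, 1, 1500000000, 1500000000, 0, 1, 4) + b"\x00" * 4
    ev_head = HEADER.pack(UNIFIED2_IDS_EVENT, len(ev))
    pkt_head = HEADER.pack(UNIFIED2_PACKET, len(pkt))
    return io.BytesIO(ev_head + ev + pkt_head + pkt + ev_head + ev[:10])
```

The truncated third record is dropped rather than counted, which is the case you hit when reading a log that Snort still has open for writing.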