Next: Serial Unified2 Header Up: Snort Development Previous: Output Plugins Contents

Unified2 File Format

Unified 2 records should not be assumed to be in any order. All values are stored in network byte order.

An example structure of unified2 files

    [ Serial Unified2 Header    ]
    [ Unified2 IDS Event        ]
    [ Unified2 Packet           ]
    [ Unified2 Extra Data       ]
    .
    .
    .
    [ Serial Unified2 Header    ]
    [ Unified2 IDS Event        ]
    [ Unified2 Packet           ]
    [ Unified2 Extra Data       ]

Subsections

Serial Unified2 Header
Unified2 Packet
Unfied2 IDS Event
Unfied2 IDS Event IP6
Unfied2 IDS Event (Version 2)
Unified2 IDS Event IP6 (Version 2)
Unified2 Extra Data
Description of Fields

Eugene Misnik 2013-05-08