AfterGlow
=========

Database Scripts (afterglow/src/perl/database)
----------------------------------------------

These scripts can be used to maintain a database of Snort binary data (generated by having Snort write the offending packets as pcap). Usage:

1. Initialize the DB with createDB.sql.
2. Run tcpdump2sql.pl to insert the dump into the DB.
3. Run any additional scripts:

   - snortservice.pl (adds flow information)
   - deltacalc2.pl (calculates deltas between packets)
   - deltacalc.pl (calculates deltas between packets)
   - attackchains.pl (detects attack chains)
   - snortalert.pl (adds the information about which Snort rule triggered the packet to be recorded)
   - snortdirection.pl (adds information about the source and destination of the communication)

Additional files:

- iptolong.pl (Perl routine to convert IPs to Longs)
- subquery.pl (queries the DB)
