Adding a PCAP file to analyze with snort or IDS.

NST
jinverar
2013-03-12
  • jinverar

    jinverar - 2013-03-12

    Is there a way for an NST user to add a PCAP file to snort and then analyze it with BASE, or analyze it with anything?

    Which tools would you use, such as TCPick, TCPdump, Tshark, Wireshark?

    I have used those tools specifically; however, I would like to run the PCAP through an IDS and see if any signatures match up. Thank you.

     
  • Ronald W. Henderson

    jinverar:

    This will need to be done manually outside of the NST WUI. snort can be used to read the pcap file using the "-r" option. First use the NST WUI snort interface page to set up the MySQL snort database.

    Newer versions of NST use barnyard2 to populate the MySQL snort database.

    Good luck!

    ---RWH
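
An added example, not part of either post, of the manual `-r` run described in the reply: it checks the capture's magic number before handing the file to Snort, so a non-capture file fails early instead of producing an empty run. The function names, the config path `/etc/snort/snort.conf` and the log directory `./snort-replay-logs` are assumptions; where alerts end up beyond the console depends on the output settings in your own `snort.conf`.

```shell
#!/bin/sh
# Added example: classify a capture file, then replay it through Snort with -r.
# Assumed defaults: /etc/snort/snort.conf and ./snort-replay-logs.

# Print "pcap", "pcapng" or "unknown" for file $1, based on its first 4 bytes.
capture_format() {
    magic=$(od -An -tx1 -N4 "$1" 2>/dev/null | tr -d ' \n')
    case "$magic" in
        a1b2c3d4|d4c3b2a1) echo pcap ;;    # classic pcap, microsecond timestamps
        a1b23c4d|4d3cb2a1) echo pcap ;;    # classic pcap, nanosecond timestamps
        0a0d0d0a)          echo pcapng ;;  # pcapng section header block
        *)                 echo unknown ;;
    esac
}

# Replay capture $1 through Snort using config $2, writing logs to directory $3.
# Returns 1 without starting Snort when the file is not a capture.
replay_capture() {
    pcap=$1
    conf=${2:-/etc/snort/snort.conf}
    logdir=${3:-./snort-replay-logs}

    case "$(capture_format "$pcap")" in
        pcap) ;;
        pcapng)
            # Whether this reads depends on the libpcap build Snort uses.
            echo "note: $pcap is pcapng; convert to classic pcap if Snort rejects it" >&2 ;;
        *)
            echo "error: $pcap is not a recognizable capture file" >&2
            return 1 ;;
    esac

    mkdir -p "$logdir" || return 1
    # -r read packets from file, -c rules/config, -l log directory,
    # -A console print alerts to the terminal, -q suppress the banner.
    snort -q -c "$conf" -r "$pcap" -l "$logdir" -A console
}

# Usage: sh replay.sh capture.pcap [snort.conf] [logdir]
if [ "$#" -ge 1 ]; then
    replay_capture "$@"
fi
```
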

     
