The Data Acquisition Library for the Snort IDS


The DAQ is a part of the Snort Intrusion Detection System and is an abstraction layer on top of libpcap which is designed for data acquisition from network packets. The DAQ library is designed to make using Snort across platforms easier without requiring major internal changes to work cross-platform.

Using DAQ on RCC Resources

The DAQ, or Data Acquisition Library, is a component of Snort and a relatively recent addition to it. The DAQ can be used from within Snort. For a list of commands and some background on it, refer to section 1.5 of the Snort documentation here.