sagan in off-line mode

pradyumna

Feb 17, 2012, 3:27:30 AM
to sagan-users
I would like to use Sagan for any suspicious events in the existing
file (syslog-ng file). Is it possible to use Sagan in off-line mode?
If yes, what is the way?

Thanks.
Pradyumna

Champ Clark III

Feb 17, 2012, 7:58:21 AM
to sagan...@googlegroups.com
Not at this time. I suppose it might be possible if the file was saved
in the Sagan FIFO format, but by default, that's not the case.

Sagan is a real-time analysis tool. Off-line analysis isn't supported
at this time.


--
- Champ Clark III (ccl...@quadrantsec.com)
Quadrant Information Security (http://quadrantsec.com)
Key Fingerprint: 2E56 C2EB 1B25 C517 D5BA 2DCF 5E70 B2F8 0381 878A
GPG Key ID: 0381878A