sudo tcpdump -r snort.log.XXXX 

Will output it to your screen. Use tcpdump since they are in pcap format.

Actually, you can read them in the commandline or terminal like snort -r xx.log.xxx$.For details, referring to the manual of snort.

Or you can use barnyard2 to read them if they are in unified2 format and dump the results into database.

Thats what I'm doing.

Assuming they are logged in binary PCAP format, then Wireshark is your friend.

I will reopen this question trying to merge the others answers, since I think that they are not properly explained.

1. Guess snort.log.xxx file type

Snort could have output you two kind of output file format depending on snort output plugin option for that files: tcpdump pcap and snort's unified2. In order to know what kind are your files, use the unix file command.

It will tell you tcpdump capture file (goto 2) or data (goto 3).

2. tcpdump

You can read as a normal capture file: You can use wireshark, tshark -r, tcpdump -r, or even re-inject them in snort with snort -r.

3. Unified2

"Native" snort format. You can read it with u2spewfoo <file> (included in snort), or convert it to a pcap with u2boat.

If you want to transform it to another alert system (syslog, for example), you can use barnyard2. Barnyard2 is a simple tool, but configuration is a little bit complex, so tell me if you need more information!

Barnyard2 is also capable to transform it "continuously", i.e., the previous tools are one short: they print/convert one file one time, and the exit. Barnyard2 is able to monitor snort log directory and process events at the time they are produced by snort.

4. More info

The unified2 format is used because snort old unique thread design. The time snort spend waiting syslog, screen, etc. to ACK alert is time that snort is not using to analyze packets. So, the way was to dump then in a efficient binary format, and let another program (maybe with low CPU priority) to process them.