Snort mailing list archives
snort 1.7 and alerts
From: "John Johnson" <john () cyberbytesbbs com>
Date: Thu, 31 May 2001 13:58:41 -0700
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I have snort dumping to a database and to an alert file and I have SWATCH monitoring the alert file. What I would like it for snort to only dump an alert to the alert file if the ruleset in question was triggered X amount of times in X amount of time then send it to the alert file for SWATCH to send out Email pages. Anyone have any ideas? - -John -----BEGIN PGP SIGNATURE----- Version: PGP 7.0.1 iQA/AwUBOxawfgfP+qzR55XlEQItuQCglfNRMMIVKsi47S8ptzt1z9u4BlcAoO2D +lLcaMIB6xOIH5cYrYhkVdPT =C/gJ -----END PGP SIGNATURE----- _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- snort 1.7 and alerts John Johnson (May 31)