Snort mailing list archives
Re: Session data, alerts, and barnyard
From: Martin Roesch <roesch () sourcefire com>
Date: Tue, 11 Jun 2002 09:17:52 -0400
Do you mean the stats data that stream4 generates when you enable keep_stats? -Marty On 6/10/02 5:40 PM, "Ed Quackenbush" <equackenbush () riptech com> wrote:
Hello all- Is the session data for an alert made available for barnyard with the unified format? In spo_unified.c I do not see the session data being written in AlertUnified, nor do I see where I would get the session data for a barnyard output plugin in UnifiedAlertRecord. Thanks, Edward Quackenbush equackenbush () riptech com _______________________________________________________________ Don't miss the 2002 Sprint PCS Application Developer's Conference August 25-28 in Las Vegas - http://devcon.sprintpcs.com/adp/index.cfm?source=osdntextlink _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
-- Martin Roesch - Founder/CTO, Sourcefire Inc. - (410)290-1616 Sourcefire: Professional Snort Sensor and Management Console appliances roesch () sourcefire com - http://www.sourcefire.com Snort: Open Source Network IDS - http://www.snort.org _______________________________________________________________ Don't miss the 2002 Sprint PCS Application Developer's Conference August 25-28 in Las Vegas - http://devcon.sprintpcs.com/adp/index.cfm?source=osdntextlink _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Session data, alerts, and barnyard Ed Quackenbush (Jun 10)
- Re: Session data, alerts, and barnyard Martin Roesch (Jun 11)
- <Possible follow-ups>
- RE: Session data, alerts, and barnyard Ed Quackenbush (Jun 11)