Snort mailing list archives

Previous By Date Next
Previous By Thread Next

About the ruletype syntax

From: sutra <sutra () ensicaen ismra fr>
Date: Sat, 24 Jan 2004 14:49:59 +0000
Hello,
I wondering if there is a better documentation about the ruletype syntax thant the UserManual. Add to this i d like to know if there isn't a misstype in this documentation page 13 about the syntax to use in ruletype, when it s written : 

ruletype redalert{
typealert output
alert_syslog: LOG_AUTH LOG_ALERT
output database: log, mysql, user=snort dbname=snort host=localhost
}

will it not be ?

ruletype redalert{
type alert
output alert_syslog: LOG_AUTH LOG_ALERT
output database: log, mysql, user=snort dbname=snort host=localhost
}


I thank you for your help.

Pierre Sutra


-------------------------------------------------------
The SF.Net email is sponsored by EclipseCon 2004
Premiere Conference on Open Tools Development and Integration
See the breadth of Eclipse activity. February 3-5 in Anaheim, CA.
http://www.eclipsecon.org/osdn
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: