Snort mailing list archives
Re: http_client_data and logging
From: Joel Esler <jesler () sourcefire com>
Date: Thu, 26 May 2011 15:56:35 -0400
Thanks Eoin. On Thu, May 26, 2011 at 3:49 PM, Eoin Miller < eoin.miller () trojanedbinaries com> wrote:
On 5/26/2011 2:58 PM, Joel Esler wrote:Eoin, Okay, let me talk with devel. JasonB asked me to check the unified2 file for further tagged packets. Itlooks like this is a barnyard2 or Sguil issue as one of those appears to be stripping off the subsequent tagged packets that Snort is appropriately logging into the unified2 output. Thanks for the intel and helping me troubleshoot this guys. -- Eoin
------------------------------------------------------------------------------ vRanger cuts backup time in half-while increasing security. With the market-leading solution for virtual backup and recovery, you get blazing-fast, flexible, and affordable data protection. Download your free trial now. http://p.sf.net/sfu/quest-d2dcopy1
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- http_client_data and logging Eoin Miller (May 25)
- Re: http_client_data and logging James Lay (May 25)
- Re: http_client_data and logging Eoin Miller (May 26)
- Re: http_client_data and logging Joel Esler (May 26)
- Re: http_client_data and logging Eoin Miller (May 26)
- Re: http_client_data and logging Joel Esler (May 26)
- Re: http_client_data and logging Eoin Miller (May 26)
- Re: http_client_data and logging Joel Esler (May 26)
- Re: http_client_data and logging beenph (May 26)
- Re: http_client_data and logging Edward Fjellskål (May 26)
- Re: http_client_data and logging Eoin Miller (May 26)
- Re: http_client_data and logging James Lay (May 25)
- Re: http_client_data and logging Lay, James (May 26)