Re: Snort++ weird alerts popping

[Russ <rucombs () cisco com>]

What version of Snort++ are you running?  Can you try using -A cmg or -A 
csv to see what the alerts look like?

On 9/25/16 12:14 PM, João Soares wrote:
> Greetings,
>
> Lately I've been having a few problems with Snort++
>
> Some alerts are constantly showing up with no relevant info, like this one:
>
> [**] [1:3827:14] "SERVER-WEBAPP PHP xmlrpc.php post attempt" [**]
> 09/25/16-17:10:44.470717
>
> There are instances of the same alert, with every bit of detail like the
> classification, source and destination IPs/MACs, but then there are many
> like the one above with nothing but the description.
>
> Has this ever occurred to anyone?


------------------------------------------------------------------------------
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!