Snort mailing list archives
Re: Fw: Snort No. of Alerts= Packets ??
From: "Joel Esler (jesler)" <jesler () cisco com>
Date: Mon, 13 Feb 2017 13:08:32 +0000
Very possible. Thresholding and reassembled stream alerts are two examples. -- Sent from my iPhone On Feb 13, 2017, at 6:12 AM, Asad, Hafiz ul <Hafiz-ul.Asad () city ac uk<mailto:Hafiz-ul.Asad () city ac uk>> wrote: The screen shot is attached here. ________________________________ From: Asad, Hafiz ul Sent: Monday, February 13, 2017 11:06 AM To: snort-users () lists sourceforge net<mailto:snort-users () lists sourceforge net> Subject: Snort No. of Alerts= Packets ?? Snort Users, Is it possible that snort generates alerts that are less in number than the number of packets that generate these alerts? Attach is the Barnyard2 summary where alerts are much lesser than the packets it saved in the mysql database. Regards Asad <Barnyard2.jpg> ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org<http://SlashDot.org>! http://sdm.link/slashdot _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net<mailto:Snort-users () lists sourceforge net> Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Snort No. of Alerts= Packets ?? Asad, Hafiz ul (Feb 13)
- Fw: Snort No. of Alerts= Packets ?? Asad, Hafiz ul (Feb 13)
- Re: Fw: Snort No. of Alerts= Packets ?? Joel Esler (jesler) (Feb 13)
- Re: Fw: Snort No. of Alerts= Packets ?? Asad, Hafiz ul (Feb 13)
- Re: Fw: Snort No. of Alerts= Packets ?? Joel Esler (jesler) (Feb 13)
- Fw: Snort No. of Alerts= Packets ?? Asad, Hafiz ul (Feb 13)