Snort mailing list archives

Previous By Date Next
Previous By Thread Next

snort 1.7 and alerts

From: "John Johnson" <john () cyberbytesbbs com>
Date: Thu, 31 May 2001 13:58:41 -0700
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 I have snort dumping to a database and to an alert file and I have
 SWATCH monitoring the alert file. What I would like 
it for snort to only dump an alert to the alert file if the ruleset
in question was triggered X amount of times in X amount of time
then send it to the alert file for SWATCH to send out Email pages.
Anyone have any ideas?

- -John

-----BEGIN PGP SIGNATURE-----
Version: PGP 7.0.1

iQA/AwUBOxawfgfP+qzR55XlEQItuQCglfNRMMIVKsi47S8ptzt1z9u4BlcAoO2D
+lLcaMIB6xOIH5cYrYhkVdPT
=C/gJ
-----END PGP SIGNATURE-----




_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: