Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Spade Alerts

From: James Hoagland <jim () SiliconDefense com>
Date: Sat, 1 Mar 2003 06:41:21 -0800
Mahdi,
I'm not sure what you mean by the style of the alert changing. Perhaps you can give concrete examples.
In any case, the README.Spade file shows the format for the two different types of message strings you will get from Spade. (The rest of the alert is the same as signature alert.) The Usage.Spade file lists the activity descriptions (part of one of the message strings) that specific spade detector types will produce (look under the section describing any detector types you have enabled). 

Best regards,

  Jim


At 11:55 PM -0800 2/28/03, Mahdi Kefayati wrote:

In the Name of the Dearest
Hi all,
I've setup an snort instance and came up with starting
and configuration problem and got it to report to
mysql database.
As I compared my alerts to the alert examples to
documents the style of alerts is somehow changed.
I have enabled threshold adaption but i do not know
what I must see as threshold adaption alerts.
If anyone has any kind of table for the alerts that
can be seen, please, send it to me.

Regards,
Mahdi Kefayati

__________________________________________________
Do you Yahoo!?
Yahoo! Tax Center - forms, calculators, tips, more
http://taxes.yahoo.com/


-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users



--
|*     Jim Hoagland, Associate Researcher, Silicon Defense     *|
|*    --- Silicon Defense: The Cyberwar Defense Company ---    *|
|*   jim () SiliconDefense com, http://www.silicondefense.com/    *|
|*  Voice: (530) 756-7317                 Fax: (530) 756-7297  *|


-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: