Snort mailing list archives

RE: Noisy Rules

From: "Schmehl, Paul L" <pauls () utdallas edu>
Date: Thu, 4 Mar 2004 13:25:09 -0600

-----Original Message-----
From: snort-users-admin () lists sourceforge net
[mailto:snort-users-admin () lists sourceforge net] On Behalf Of Paul Lane
Sent: Thursday, March 04, 2004 11:11 AM
To: snort-users () lists sourceforge net
Subject: [Snort-users] Noisy Rules

I'm running Snort 2.1 with MSSQL, Acid and IIS on Windows 2003 server.
I have some rules that are chatty, but I want to keep them.
How do I set a limit to the number of notifications it will send me per
hour?

Use thresholding.  See the readme.thresholding file for details.

Paul Schmehl (pauls () utdallas edu)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu/~pauls/

Current thread:

Noisy Rules Paul Lane (Mar 04)
- <Possible follow-ups>
- Re: Noisy Rules Mark . Schutzmann (Mar 04)
- RE: Noisy Rules Schmehl, Paul L (Mar 04)