Snort mailing list archives
Avoid logging sensitive data
From: "James Lay" <jlay () slave-tothe-box net>
Date: Mon, 3 Oct 2011 08:55:35 -0000
Hey All, So...say I want to log an alert of a social security number...I'd like to see the alert in my .fast file, but I DON'T want to log the actual packet itself. Is there a rule option that I can set for that? Or am I out of luck...looked through the snort_manual.pdf, but didn't see what I was looking for. Thanks all. James ------------------------------------------------------------------------------ All the data continuously generated in your IT infrastructure contains a definitive record of customers, application performance, security threats, fraudulent activity and more. Splunk takes this data and makes sense of it. Business sense. IT sense. Common sense. http://p.sf.net/sfu/splunk-d2dcopy1 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Avoid logging sensitive data James Lay (Oct 03)
- Re: Avoid logging sensitive data Adam Hogan (Oct 04)
- Re: Avoid logging sensitive data James Lay (Oct 04)
- Re: Avoid logging sensitive data Adam Hogan (Oct 04)