Re: There appears to be a bug in Base-1.4.5

[Jeremy Hoel <jthoel () gmail com>]

There is an option for this.. it's just not a sticky option.  It's in
the events tab, the upper right hand button is a config and you can
check it, but it reverts back.  This is one of a few things I need to
write a bug/feature request for..



On Tue, Oct 9, 2012 at 5:16 PM, Jefferson, Shawn
<Shawn.Jefferson () bcferries com> wrote:
> "I'd like all alerts to be "rolled up" into one line like BASE does"
>
> Sorry I meant, all unique alerts (ie. GID/SID pair).
>
> -----Original Message-----
> From: Jefferson, Shawn [mailto:Shawn.Jefferson () bcferries com]
> Sent: Tuesday, October 09, 2012 4:11 PM
> To: Dustin Webber
> Cc: Snort-Users Users
> Subject: Re: [Snort-users] There appears to be a bug in Base-1.4.5
>
> Hi Dustin,
>
> I'd like all alerts to be "rolled up" into one line like BASE does.  I'd like to be able to have the "unique IP 
> links" per SID view like BASE has.  I didn't see that last time I looked at snorby, maybe that is there and I missed 
> it?
>
> As far as StreamDB/OpenFPC, can you have both of them at the same time?  The lookup API sounds interesting... I'll 
> have to look into that again.  HIPS is SEP, it's a MSSQL database... (there is a possibility to use Symantec System 
> Center and hook into that.)
>
> No, I'd rather use your product-but it didn't fit my requirements at the time, if it does now, that's great!  As far 
> as vulns in BASE, I'm sure there is, but I have it very locked down... I don't let just any computer connect to 
> it-which in my case is an adequate compensating control (among others.)
>
> to stay current on all the latest Snort news!
>
> ------------------------------------------------------------------------------
> Don't let slow site performance ruin your business. Deploy New Relic APM
> Deploy New Relic app performance management and know exactly
> what is happening inside your Ruby, Python, PHP, Java, and .NET app
> Try New Relic at no cost today and get our sweet Data Nerd shirt too!
> http://p.sf.net/sfu/newrelic-dev2dev
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists sourceforge net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>
> Please visit http://blog.snort.org to stay current on all the latest Snort news!

------------------------------------------------------------------------------
Don't let slow site performance ruin your business. Deploy New Relic APM
Deploy New Relic app performance management and know exactly
what is happening inside your Ruby, Python, PHP, Java, and .NET app
Try New Relic at no cost today and get our sweet Data Nerd shirt too!
http://p.sf.net/sfu/newrelic-dev2dev
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!