Re: Signature Table in snort DB not updating

[beenph <beenph () gmail com>]

On Sun, Nov 11, 2012 at 1:01 AM, Balasubramaniam Natarajan
<bala150985 () gmail com> wrote:
> On Sun, Nov 11, 2012 at 2:40 AM, Heine Lysemose <lysemose () gmail com> wrote:
> > That's the one! ;-)
> >
> > /Lysemose
> >
> > On Nov 10, 2012 10:06 PM, "Joel Esler" <jesler () sourcefire com> wrote:
> > > I think you mean sid-msg.map.  The gid-msg.map doesn't change much.
>
> Yes pulled_pork automatically updated the sid-msg.map file when it updated
> the rules file.

Thats assuming that pulled pork also input your custom rules
definition in the update.
If they are, you have to restart barnyard2 so it reads the new maps
file and it will insert
the correct message when its encountered in a unified2 file and the
signature is not present in the
database.

-elz

------------------------------------------------------------------------------
Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:
http://p.sf.net/sfu/appdyn_d2d_nov
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!