Snort mailing list archives

Re: Snort with Kiwi Sys Log


From: Greg Williams <gwillia5 () uccs edu>
Date: Mon, 11 Mar 2013 17:56:58 +0000

That's a Kiwi filter if I remember correctly.  Personally I would use something like Splunk that gives you easy 
searching vs kiwi.  That way you also have historical data.

Greg Williams
IT Security Principal
University of Colorado at Colorado Springs
Website: http://www.uccs.edu/itsecure


-----Original Message-----
From: Jeremy Golden [mailto:goldenjc97 () gmail com] 
Sent: Monday, March 11, 2013 11:41 AM
To: snort-users () lists sourceforge net
Subject: [Snort-users] Snort with Kiwi Sys Log

Hi, I am running snort on Windows 7 and just got Kiwi to display traffic in its logs. How would I go about having Kiwi only 
display a single alert from a specific rule? Does anyone have an example? 

I don't necessarily need all network traffic displayed, but rather create my own and have only it displayed. 

Any help would be great. 

Jeremy Golden
------------------------------------------------------------------------------
Symantec Endpoint Protection 12 positioned as A LEADER in The Forrester
Wave(TM): Endpoint Security, Q1 2013 and "remains a good choice" in the endpoint security space. For insight on 
selecting the right partner to tackle endpoint security challenges, access the full report. 
http://p.sf.net/sfu/symantec-dev2dev
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
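The question above asks for an example that shows only one rule's alerts. The script below is an added example and is not from this thread, from the Snort project or from Kiwi: it parses the `[gid:sid:rev]` alert format that Snort's `alert_syslog` output plugin writes and keeps only the lines whose SID matches, which is the same match a Kiwi display filter on the message text would make. The snort.conf output line, the local rule, the Kiwi host address and the syslog lines are all constructed for this illustration.

```python
import re

# Assumed (constructed) Snort side of the setup, shown here for context only.
# snort.conf, sending alerts to a hypothetical Kiwi host:
#   output alert_syslog: host=192.168.1.50:514, LOG_LOCAL4 LOG_ALERT
# local.rules, the one custom rule whose alerts we want to see:
#   alert icmp any any -> $HOME_NET any (msg:"LOCAL ICMP echo"; itype:8; sid:1000001; rev:1;)

# Snort 2 alert_syslog message layout:
#   [gid:sid:rev] msg [Classification: ...] [Priority: N]: {PROTO} src[:port] -> dst[:port]
# The Classification block is absent for rules without a classtype, so it is optional here.
ALERT_RE = re.compile(
    r"\[(?P<gid>\d+):(?P<sid>\d+):(?P<rev>\d+)\]\s+"
    r"(?P<msg>.+?)\s+"
    r"(?:\[Classification:\s*(?P<cls>[^\]]*)\]\s*)?"
    r"\[Priority:\s*(?P<prio>\d+)\]:?\s*"
    r"\{(?P<proto>[A-Z]+)\}\s+"
    r"(?P<src>[0-9.]+)(?::(?P<sport>\d+))?\s+->\s+"
    r"(?P<dst>[0-9.]+)(?::(?P<dport>\d+))?"
)

# Constructed sample of what a syslog receiver would store (not real traffic).
SAMPLE_SYSLOG = """\
Mar 11 11:30:01 snortbox snort[1234]: [1:1000001:1] LOCAL ICMP echo [Priority: 0]: {ICMP} 10.0.0.5 -> 10.0.0.1
Mar 11 11:30:02 snortbox snort[1234]: [1:2100498:7] GPL ATTACK_RESPONSE id check returned root [Classification: Potentially Bad Traffic] [Priority: 2]: {TCP} 10.0.0.9:80 -> 10.0.0.5:49152
Mar 11 11:30:03 snortbox snort[1234]: [1:1000001:1] LOCAL ICMP echo [Priority: 0]: {ICMP} 10.0.0.7 -> 10.0.0.1
Mar 11 11:30:04 snortbox kernel: unrelated syslog line that is not a Snort alert
"""


def parse_alert(line):
    """Return a dict of the alert fields in a syslog line, or None if it is not a Snort alert."""
    m = ALERT_RE.search(line)
    if m is None:
        return None
    d = m.groupdict()
    for key in ("gid", "sid", "rev", "prio"):
        d[key] = int(d[key])
    for key in ("sport", "dport"):
        d[key] = int(d[key]) if d[key] is not None else None
    d["raw"] = line.rstrip("\n")
    return d


def alerts_for_sid(syslog_text, sid, gid=1):
    """Keep only alerts from one rule, identified by generator and signature ID.

    Matching on the numeric [gid:sid:rev] token rather than on the msg text is
    deliberate: rule messages are free text and may be edited or duplicated,
    while gid:sid is the identity Snort itself uses for a rule.
    """
    hits = []
    for line in syslog_text.splitlines():
        alert = parse_alert(line)
        if alert is not None and alert["gid"] == gid and alert["sid"] == sid:
            hits.append(alert)
    return hits


if __name__ == "__main__":
    # Show only the custom rule's alerts, the way a Kiwi display filter would.
    for a in alerts_for_sid(SAMPLE_SYSLOG, 1000001):
        print(f"{a['proto']} {a['src']} -> {a['dst']}  sid={a['sid']}  {a['msg']}")
```

The filter keys on the `[1:1000001:1]` token, so a Kiwi filter built the same way (a match on `[1:1000001:` in the message text) would select the same lines; matching on the `msg` string instead is fragile because the text can change between rule revisions while the SID stays fixed.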

