Snort mailing list archives
Updating sid-msg.map
From: Tamara Fisher <tammi888 () gmail com>
Date: Tue, 16 Apr 2013 14:13:16 -0400
Hi. I'm having issues when I am creating new local rules, where rules show up with the generic name 'Snort Alert' instead of what is in the msg field. Google tells me that barnyard2 is able to translate the msg field from sid-msg.map, but I also read that running pulledpork should update that file. My rules are still the same, though, after running pulledpork. Do I need to update this manually? How do I fix it?
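An added example, not part of the original post or of the Snort, barnyard2 or pulledpork code: a check for which local rule SIDs are absent from sid-msg.map, which is the condition under which the post's generic 'Snort Alert' name appears. It assumes the `sid || msg || reference` line layout of sid-msg.map; the rule text, map contents and function names are constructed for illustration.

```python
import re

# Constructed sample inputs (not from the original post).
LOCAL_RULES = r'''
alert tcp any any -> $HOME_NET 22 (msg:"LOCAL SSH connection attempt"; flow:to_server; sid:1000001; rev:1;)
alert icmp any any -> $HOME_NET any (msg:"LOCAL ICMP echo\; test rule"; itype:8; reference:url,example.com/icmp; sid:1000002; rev:2;)
# alert tcp any any -> any 80 (msg:"LOCAL disabled rule"; sid:1000003; rev:1;)
'''
SID_MSG_MAP = '''
# constructed existing map: only the first local rule is present
1000001 || LOCAL SSH connection attempt
'''

MSG_RE = re.compile(r'msg\s*:\s*"((?:\\.|[^"\\])*)"\s*;')
SID_RE = re.compile(r'\bsid\s*:\s*(\d+)\s*;')
REF_RE = re.compile(r'\breference\s*:\s*([^;]+);')

def parse_rules(text):
    """Return {sid: (msg, [references])} for every enabled rule."""
    rules = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith('#'):
            continue  # blank line or commented-out rule
        msg = MSG_RE.search(line)
        # Drop the quoted msg first so its text cannot be read as an option.
        rest = MSG_RE.sub('', line)
        sid = SID_RE.search(rest)
        if not (msg and sid):
            continue
        plain = re.sub(r'\\(.)', r'\1', msg.group(1))  # undo \; \" \\
        refs = [r.strip() for r in REF_RE.findall(rest)]
        rules[int(sid.group(1))] = (plain, refs)
    return rules

def mapped_sids(text):
    """Return the set of SIDs already listed in a sid-msg.map."""
    fields = (line.split('||')[0].strip() for line in text.splitlines())
    return {int(f) for f in fields if f.isdigit()}

def missing_map_lines(rules_text, map_text):
    """Build 'sid || msg || ref' lines for rules absent from the map."""
    have = mapped_sids(map_text)
    return [' || '.join([str(sid), msg, *refs])
            for sid, (msg, refs) in sorted(parse_rules(rules_text).items())
            if sid not in have]

if __name__ == '__main__':
    print('\n'.join(missing_map_lines(LOCAL_RULES, SID_MSG_MAP)))
```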