Snort mailing list archives

Previous By Date Next
Previous By Thread Next

keeping certain rules from logging packets

From: "Long, Kerry S" <kslong () mitre org>
Date: Fri, 11 Apr 2014 14:03:54 +0000
I am trying to determine in this is possible:





I have some alerts that are quite noisy, but I want these rules noisy.  I however do not want them to log packets.  I 
have other rules I most definitely want the packets logged for.  I can't figure out how to keep some of my "alert" 
messages from logging packets.

I can eliminate all packet logging by using the "-N" switch, but that is counterproductive.   Any advice would be 
appreciated.







Kerry


------------------------------------------------------------------------------
Put Bad Developers to Shame
Dominate Development with Jenkins Continuous Integration
Continuously Automate Build, Test & Deployment 
Start a new project now. Try Jenkins in the cloud.
http://p.sf.net/sfu/13600_Cloudbees
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Previous By Date Next
Previous By Thread Next

Current thread: