Snort mailing list archives
Re: Fw: Snort No. of Alerts= Packets ??
From: "Asad, Hafiz ul" <Hafiz-ul.Asad () city ac uk>
Date: Mon, 13 Feb 2017 14:25:01 +0000
So where exactly, in the snort mysql database, do we have the number of alerts? event? Asad ________________________________ From: Joel Esler (jesler) <jesler () cisco com> Sent: Monday, February 13, 2017 1:08:32 PM To: Asad, Hafiz ul Cc: snort-users () lists sourceforge net Subject: Re: [Snort-users] Fw: Snort No. of Alerts= Packets ?? Very possible. Thresholding and reassembled stream alerts are two examples. -- Sent from my iPhone On Feb 13, 2017, at 6:12 AM, Asad, Hafiz ul <Hafiz-ul.Asad () city ac uk<mailto:Hafiz-ul.Asad () city ac uk>> wrote: The screen shot is attached here. ________________________________ From: Asad, Hafiz ul Sent: Monday, February 13, 2017 11:06 AM To: snort-users () lists sourceforge net<mailto:snort-users () lists sourceforge net> Subject: Snort No. of Alerts= Packets ?? Snort Users, Is it possible that snort generates alerts that are less in number than the number of packets that generate these alerts? Attach is the Barnyard2 summary where alerts are much lesser than the packets it saved in the mysql database. Regards Asad <Barnyard2.jpg> ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org<http://SlashDot.org>! http://sdm.link/slashdot _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net<mailto:Snort-users () lists sourceforge net> Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Snort No. of Alerts= Packets ?? Asad, Hafiz ul (Feb 13)
- Fw: Snort No. of Alerts= Packets ?? Asad, Hafiz ul (Feb 13)
- Re: Fw: Snort No. of Alerts= Packets ?? Joel Esler (jesler) (Feb 13)
- Re: Fw: Snort No. of Alerts= Packets ?? Asad, Hafiz ul (Feb 13)
- Re: Fw: Snort No. of Alerts= Packets ?? Joel Esler (jesler) (Feb 13)
- Fw: Snort No. of Alerts= Packets ?? Asad, Hafiz ul (Feb 13)