Snort mailing list archives

Re: Time of Day Alert Suppression


From: "Joel Esler (jesler) via Snort-users" <snort-users () lists snort org>
Date: Fri, 13 Oct 2017 21:01:02 +0000



On Oct 13, 2017, at 11:42 AM, Steven J <sjm () lyricalsecurity com> wrote:


> Hello all, and thank you for allowing me to join this community.
>
> I currently have alerts I need to suppress for certain time periods through the day. I found a 2003 archive request which suggests this is best handled manually, during post-alert analysis.
>
> Just wondering if this has been revisited?


No, manual is still the best way of handling this. I assume this is for some specific job that happens at a certain time of day? Can you ignore the traffic between those two IPs, or suppress?


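The manual, post-alert handling recommended in the reply above, sketched as an added example that is not part of the thread and is not Snort code: a filter over `alert_fast` lines that sets aside a given gid:sid only inside a time window and only between the two hosts of the scheduled job. The rule table, SIDs, addresses and sample alerts are constructed assumptions; it assumes IPv4 and that windows are written in the same time zone the sensor logs in.

```python
import re
from datetime import time

# Constructed quiet rules (assumptions): gid, sid, window start/end in the
# sensor's logging time zone, and the two hosts the scheduled job runs between.
QUIET_RULES = [
    (1, 1000001, time(1, 0), time(2, 30), "10.0.0.5", "10.0.0.9"),
    (1, 1000002, time(23, 30), time(0, 15), "10.0.0.5", "10.0.0.9"),  # wraps midnight
]

# alert_fast layout: MM/DD[/YY]-HH:MM:SS.usec [**] [gid:sid:rev] ... {PROTO} src[:port] -> dst[:port]
ALERT_RE = re.compile(
    r"^\d\d/\d\d(?:/\d\d)?-(\d\d):(\d\d):(\d\d)\.\d+\s+\[\*\*\]\s+\[(\d+):(\d+):\d+\]"
    r".*\{\w+\}\s+([\d.]+)(?::\d+)?\s+->\s+([\d.]+)(?::\d+)?\s*$"
)

def in_window(t, start, end):
    # [start, end); a start later than end means the window wraps past midnight
    return start <= t < end if start <= end else (t >= start or t < end)

def is_quiet(line, rules=QUIET_RULES):
    m = ALERT_RE.match(line)
    if not m:
        return False  # lines that do not parse stay visible to the analyst
    hh, mm, ss, gid, sid = (int(x) for x in m.groups()[:5])
    t, hosts = time(hh, mm, ss), {m.group(6), m.group(7)}
    return any(
        (gid, sid) == (g, s) and hosts == {a, b} and in_window(t, start, end)
        for g, s, start, end, a, b in rules
    )

def split_alerts(lines, rules=QUIET_RULES):
    """Return (kept, set_aside); set-aside alerts are retained, not deleted."""
    kept, set_aside = [], []
    for line in lines:
        (set_aside if is_quiet(line, rules) else kept).append(line)
    return kept, set_aside

# Constructed sample alerts in alert_fast layout (not real traffic).
SAMPLE = [
    "10/13-01:15:00.000001  [**] [1:1000001:1] Constructed backup rule [**] [Priority: 2] {TCP} 10.0.0.5:445 -> 10.0.0.9:51234",
    "10/13-01:15:00.000002  [**] [1:1000001:1] Constructed backup rule [**] [Priority: 2] {TCP} 10.0.0.77:445 -> 10.0.0.9:51234",
    "10/13-14:00:00.000003  [**] [1:1000001:1] Constructed backup rule [**] [Priority: 2] {TCP} 10.0.0.5:445 -> 10.0.0.9:51234",
    "10/14-00:05:00.000004  [**] [1:1000002:1] Constructed sync rule [**] [Priority: 2] {TCP} 10.0.0.9:873 -> 10.0.0.5:40000",
]

if __name__ == "__main__":
    print([len(part) for part in split_alerts(SAMPLE)])
```

The same signature firing from an unexpected host (second sample line) or outside the window (third) stays in the analyst's queue, so the blind spot is limited to the job itself.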
