[Snort-devel] [Dynamic Preprocessor] How to log packet and output alert: genSnortEvent or alertAdd?

Hai Minh Nguyen lightsea90 at ...2499...
Mon May 20 05:23:50 EDT 2013


I'm developing a dynamic preprocessor by DPX. After processing a packet, I
might generate an alert and log that packet for later analysis if I find
it abnormal.

My problem:
I found 2 members of the DynamicPreprocessorData struct: alertAdd and
genSnortEvent. I supposed those could help me. But I don't understand the
difference between the 2 members yet. Which of them should I choose for my
purpose? If you know any other way, feel free to raise your idea.


Sword Demon Độc Cô Cầu Bại - Oh, a glorious life, wishing only to be defeated
once, yet no one has ever lasted past three moves!!!