[Snort-devel] u2boat filters patch

Eugenio Perez eugenio at ...3500...
Thu Jun 26 11:03:27 EDT 2014


Hi everyone!

We have added u2boat event filtering capabilities. With this patch,
you can show just the events you are interested in.

Currently, you can filter on:

-o : origin (source) ip
-d : destination ip
-s : sid
-g : gid
-l  : lower timestamp
-u : upper timestamp

And any combination of them.

Waiting for opinions and suggestion. Thanks and regards.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: u2boat.filter.patch
Type: text/x-patch
Size: 39489 bytes
Desc: not available
URL: <https://lists.snort.org/pipermail/snort-devel/attachments/20140626/baad7949/attachment.bin>


More information about the Snort-devel mailing list