[Snort-devel] Query on log_tcpdump

Balasubramaniam Natarajan bala150985 at ...2499...
Mon Sep 1 03:20:25 EDT 2014


Hi

Would it be possible to write a rule on snort which will use "log_tcpdmp"
from [1] if the rule matches the signature ?  Else continue logging to the
normal place where it was already.

[1]
http://manual.snort.org/node21.html

-- 
Regards,
Balasubramaniam Natarajan
http://blog.etutorshop.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-devel/attachments/20140901/2575bda4/attachment.html>


More information about the Snort-devel mailing list