<html><body>
<p>Not sure why they have not updated the Snort Users Manual on the website to 2.3.0, but the doc/snort_manual.pdf and the doc/README.INLINE included in your tarball should give you a good start.<br>
<br>
Regards,<br>
<br>
Will<br>
<img src="cid:10__=09BBE532DFFD62588f9e8a93df93869@...2528..." width="16" height="16" alt="Inactive hide details for avinash shenoi <avinash.shenoi@...2499...>">avinash shenoi <avinash.shenoi@...2499...><br>
<br>
<br>

<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr valign="top"><td style="background-image:url(cid:20__=09BBE532DFFD62588f9e8a93df93869@...2528...); background-repeat: no-repeat; " width="40%">
<ul>
<ul>
<ul>
<ul><b><font size="2">avinash shenoi <avinash.shenoi@...2499...></font></b><font size="2"> </font><br>
<font size="2">Sent by: snort-devel-admin@lists.sourceforge.net</font>
<p><font size="2">02/07/2005 12:14 PM</font>
<table border="1">
<tr valign="top"><td width="168" bgcolor="#FFFFFF"><div align="center"><font size="2">Please respond to<br>
avinash shenoi <avinash.shenoi@...2499...></font></div></td></tr>
</table>
</ul>
</ul>
</ul>
</ul>
</td><td width="60%">
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr valign="top"><td width="1%" valign="middle"><img src="cid:30__=09BBE532DFFD62588f9e8a93df93869@...2528..." border="0" height="1" width="58" alt=""><br>
<div align="right"><font size="2">To</font></div></td><td width="100%"><img src="cid:30__=09BBE532DFFD62588f9e8a93df93869@...2528..." border="0" height="1" width="1" alt=""><br>
<font size="2">snort-devel@lists.sourceforge.net</font></td></tr>

<tr valign="top"><td width="1%" valign="middle"><img src="cid:30__=09BBE532DFFD62588f9e8a93df93869@...2528..." border="0" height="1" width="58" alt=""><br>
<div align="right"><font size="2">cc</font></div></td><td width="100%"><img src="cid:30__=09BBE532DFFD62588f9e8a93df93869@...2528..." border="0" height="1" width="1" alt=""><br>
</td></tr>

<tr valign="top"><td width="1%" valign="middle"><img src="cid:30__=09BBE532DFFD62588f9e8a93df93869@...2528..." border="0" height="1" width="58" alt=""><br>
<div align="right"><font size="2">Subject</font></div></td><td width="100%"><img src="cid:30__=09BBE532DFFD62588f9e8a93df93869@...2528..." border="0" height="1" width="1" alt=""><br>
<font size="2">[Snort-devel] log format for snort logs + IPS docs</font></td></tr>
</table>

<table border="0" cellspacing="0" cellpadding="0">
<tr valign="top"><td width="58"><img src="cid:30__=09BBE532DFFD62588f9e8a93df93869@...2528..." border="0" height="1" width="1" alt=""></td><td width="336"><img src="cid:30__=09BBE532DFFD62588f9e8a93df93869@...2528..." border="0" height="1" width="1" alt=""></td></tr>
</table>
</td></tr>
</table>
<br>
<tt>Hello All <br>
<br>
I am new to snort IDS and would like to know if there is any<br>
documentation on the different log formats that snorts writes logs in.<br>
What I am looking for is an explanation of the different fields in the<br>
snort logs. Please let me know a good place to find this.<br>
<br>
I am also interested in the snort IPS functionality and would like to<br>
know where I can find documentation on this as well<br>
<br>
Thanks and Regards<br>
Avinash<br>
<br>
<br>
-------------------------------------------------------<br>
This SF.Net email is sponsored by: IntelliVIEW -- Interactive Reporting<br>
Tool for open source databases. Create drag-&-drop reports. Save time<br>
by over 75%! Publish reports on the web. Export to DOC, XLS, RTF, etc.<br>
Download a FREE copy at </tt><tt><a href="http://www.intelliview.com/go/osdn_nl">http://www.intelliview.com/go/osdn_nl</a></tt><tt><br>
_______________________________________________<br>
Snort-devel mailing list<br>
Snort-devel@lists.sourceforge.net<br>
</tt><tt><a href="https://lists.sourceforge.net/lists/listinfo/snort-devel">https://lists.sourceforge.net/lists/listinfo/snort-devel</a></tt><tt><br>
</tt><br>
</body></html>