[Snort-sigs] Web Traffic Logging
travis at ...1776...
Fri Aug 15 13:51:14 EDT 2003
I am currently using snort in IDS mode storing into MySQL. This is
working great. I have currently configured the general IDS alerts to
log to one DB and then have defined a new rule type that outputs to an
entirely different DB. I would like to use this DB for web traffic
logging. $home_net to $external_ net (web traffic only). Eventually
using this data to generate employee web usage reports. I have written
several different rules but I am afraid that I am missing something so
decided to seek out the lists help in coming up with one rule or a group
of rules that would accomplish this task. Please Advise...
More information about the Snort-sigs