[Snort-sigs] does anybody know about this log?

김무성 kimms at ...3282...
Sun Apr 11 20:26:21 EDT 2010


Hello.

I want to log the detection or trigger time.
I saw a blog, and I could find this information.
Look at this:

[Detect] Stime = 07/09-14:19:25.138247 ========
[DcodeContentMatch] Stime = 07/09-14:19:25.138259 ========
[DcodeContentMatch] Etime = 07/09-14:19:25.138269 ========
[nonContentOTNz] Stime = 07/09-14:19:25.138279 ========
[nonContentsOTNz] Etime = 07/09-14:19:25.138287 ========
[Detect] Etime = 07/09-14:19:25.138295 ========

How can I log the above information?
Are there any options for this in Snort (snort.conf, /snort/log)?
