[Snort-sigs] snort snort don't recognize plugin sid set by me
danilogo1991 at ...2420...
Thu May 14 18:26:34 EDT 2015
I created a new rule for snort with the following sid:10001
i recieve alerts trigered by this rule in OSSIM web interface but it
appears as Generic event. When i open the event detail window i find the
event type id is changed to 2000000000 and payload contains [Unknown plugin
Problem is that i can't differentiate between alerts triggered by rules
created by me in a correlation directive.
How can i set a proper name for the rule rather than Generic Event?
How can i make the system to reconize event type set by me?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-sigs