[Snort-users] Output Plugins

John Kiehnle john at ...1477...
Thu Mar 15 16:48:09 EST 2001


alert_full:<output filename>


On Thu, 15 Mar 2001 15:14:42 -0600, John_Delisle at ...1523... said:

> 
>  Hi everyone,
>  
>  I have a problem thats driving me NUTS!!
>  
>  Question --- What output plugin should I use to get the same results as "-A
>  full"??
>  
>  
>  My needs are as follows:
>  
>  - Full logging, with packet captures for all rules in my conf file.  You
>  get this by running with -A full I think.
>  - Syslog alerts for some rules, but not all of them.
>  
>  I think I can get this with my own ruletype definitions, one that logs just
>  like "-A full", and one that also sends a message to syslog.
>  
>  Any ideas?
>  
>  John Delisle
>  Corporate Technology
>  Ceridian Canada Ltd
>  204-975-5909
>  
>  
>  _______________________________________________
>  Snort-users mailing list
>  Snort-users at lists.sourceforge.net
>  Go to this URL to change user options or unsubscribe:
>  http://lists.sourceforge.net/lists/listinfo/snort-users
>  

-- 
John Kiehnle <john at ...1477...> http://www.mtspokane.net






More information about the Snort-users mailing list