[Snort-users] ACID inputting from alerts?

roman at ...438... roman at ...438...
Wed May 9 15:59:37 EDT 2001


Scott,

If you are logging to a database, the "full" alert functionality is 
enabled by default by the database plug-in.  Look at the "detail"
configuration parameter of the database plug-in documented
in README.database.

cheers,
Roman

> I'm sure this is possible, I just haven't seen it in the FAQ's yet --
> how can I populate my ACID databases with the Full format alert file?
> 
> Or can one?  I realize you lose packet payloads, but the rest of it
> should still be possible...
> 
> Thanks,
> Scott
> 
> 
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> http://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
> 



---------------------------------------------
This message was sent using Voicenet WebMail.
      http://www.voicenet.com/webmail/






More information about the Snort-users mailing list