[Snort-users] snort 1.7 and alerts

John Johnson john at ...599...
Thu May 31 16:58:41 EDT 2001


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 I have snort dumping to a database and to an alert file and I have
 SWATCH monitoring the alert file. What I would like 
it for snort to only dump an alert to the alert file if the ruleset
in question was triggered X amount of times in X amount of time
then send it to the alert file for SWATCH to send out Email pages.
Anyone have any ideas?

- -John

-----BEGIN PGP SIGNATURE-----
Version: PGP 7.0.1

iQA/AwUBOxawfgfP+qzR55XlEQItuQCglfNRMMIVKsi47S8ptzt1z9u4BlcAoO2D
+lLcaMIB6xOIH5cYrYhkVdPT
=C/gJ
-----END PGP SIGNATURE-----







More information about the Snort-users mailing list