[Snort-users] snort 1.7 and alerts
john at ...599...
Thu May 31 16:58:41 EDT 2001
-----BEGIN PGP SIGNED MESSAGE-----
I have snort dumping to a database and to an alert file and I have
SWATCH monitoring the alert file. What I would like
it for snort to only dump an alert to the alert file if the ruleset
in question was triggered X amount of times in X amount of time
then send it to the alert file for SWATCH to send out Email pages.
Anyone have any ideas?
-----BEGIN PGP SIGNATURE-----
Version: PGP 7.0.1
-----END PGP SIGNATURE-----
More information about the Snort-users