[Snort-users] Data Collection Help (fwd)

james the_saint_james at ...131...
Wed Nov 21 16:11:03 EST 2001


I don't think I was clear here. I am seeking to write alerts for all rules,
but for some rules log the full packet + write an alert.

> I am running in full alert mode, if I add the -b switch, will this log all
> packets in binary form or just on the rules where I change "alert" to
> "log"? Will this still write an alert?
>
> I am seeking to just log packets that I specify "log" in the rule, don't
> want to log all traffic on the T-3!
>
>
> James Edwards
> jamesh at ...3784...
> At the Santa Fe Office: Internet at Cyber Mesa
> Store hours: 9-6 Monday through Friday
> Phone support 365 days till 10 pm via the Santa Fe office:
> 505-988-9200 or Toll Free: 888-988-2700
>
>




