[Snort-users] Fast alert format

Ian Melven imelven at ...3837...
Tue Oct 16 11:44:11 EDT 2001

hullo everyone

well, i read enough source to assume that the 
[number:number:number] stuff in my snort fast alerts
is the 'generator':snort rule id:rule revision

what are the possible values for the "generator" ?

is the alert format docc'ed anywhere other than
in the code ? i couldn't really find it in the manual ?

ian :)

More information about the Snort-users mailing list