[Snort-users] Where can I find documents explain the log formats of snort?
JHicks at ...5857...
Sun Dec 22 20:18:02 EST 2002
The best one I can recommend is Intrusion Signatures and Analysis from
Stephen Northcutt (SANS) and all
8-1/ref=sr_8_1/102-0670692-9875349?v=glance&s=books&n=507846) mainly because
as you go, you'll quickly learn you'll need to know more than the alert.ids
Signature ID:Revision # Alert Message
[Classification: Classification Type] [Priority: #]
Date/Network Time Src.IP:Src.Port -> Dst.IP:Dst.Port
Protocol Packet Details
From: Xiaogang Liu
To: snort-users at lists.sourceforge.net
Sent: 22/12/02 10:32 PM
Subject: [Snort-users] Where can I find documents explain the log formats of
Where can I find documents that explain the log formats of Snort?
I want to completely analyze the log format in file alert.ids.
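
The field layout given in the reply above, turned into a small parser. This is an added example, not part of the original thread and not Snort's own code. It assumes the full-alert text layout in which the first line reads `[**] [gid:sid:rev] message [**]`, IPv4 addresses only, and blank lines between alerts; the sample alerts are constructed.

```python
import re

# Constructed sample alerts in the layout the reply describes (not real traffic).
SAMPLE = """\
[**] [1:1000001:1] EXAMPLE constructed test alert [**]
[Classification: Misc activity] [Priority: 3]
12/22-20:18:02.123456 192.0.2.10:34567 -> 198.51.100.5:80
TCP TTL:64 TOS:0x0 ID:4242 IpLen:20 DgmLen:60 DF

[**] [1:1000002:2] EXAMPLE constructed ping alert [**]
[Priority: 2]
12/22-20:18:03.000001 192.0.2.10 -> 198.51.100.5
ICMP TTL:64 TOS:0x0 ID:4243 IpLen:20 DgmLen:84
"""

# Assumption: header is "[**] [gid:sid:rev] msg [**]"; the gid part is optional here.
HEADER = re.compile(r"^\[\*\*\] \[(?:(\d+):)?(\d+):(\d+)\] (.*?) \[\*\*\]$")
CLASS = re.compile(r"\[Classification: ([^\]]+)\]")
PRIO = re.compile(r"\[Priority: (\d+)\]")
FLOW = re.compile(r"^(\S+) ([\d.]+)(?::(\d+))? -> ([\d.]+)(?::(\d+))?$")


def parse_alerts(text):
    # Returns one dict per alert; records without a valid header are skipped.
    alerts = []
    for block in re.split(r"\n\s*\n", text.strip()):
        lines = [ln.strip() for ln in block.splitlines() if ln.strip()]
        head = HEADER.match(lines[0]) if lines else None
        if head is None:
            continue  # truncated or foreign record: do not guess its fields
        rec = {"sid": int(head[2]), "rev": int(head[3]), "msg": head[4],
               "classification": None, "priority": None,
               "time": None, "src": None, "dst": None, "details": []}
        for ln in lines[1:]:
            cls, prio, flow = CLASS.search(ln), PRIO.search(ln), FLOW.match(ln)
            if cls or prio:
                rec["classification"] = cls[1] if cls else None
                rec["priority"] = int(prio[1]) if prio else None
            elif flow and rec["time"] is None:
                # Ports are absent for protocols such as ICMP.
                rec["time"] = flow[1]
                rec["src"] = (flow[2], int(flow[3]) if flow[3] else None)
                rec["dst"] = (flow[4], int(flow[5]) if flow[5] else None)
            else:
                rec["details"].append(ln)  # protocol and packet detail lines
        alerts.append(rec)
    return alerts
```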