[Snort-users] UDP and ICMP logs not linked?
hoagland at ...47...
Wed Feb 6 10:54:05 EST 2002
At 11:32 PM -0800 2/5/02, David Bellizzi wrote:
>TCP alerts have links to the snort packet logs in the report but UDP
>and ICMP alerts do not. Did I miss something?
>I use the following command to generate the report.
>/usr/local/bin/snortsnarf.pl -dns \
> -ldir /var/log/snort \
> -homenet X.X.X.X/30 \
> -rulesdir /usr/local/etc \
> -rulesfile /usr/local/etc/snort.conf \
> -refresh=60 \
What version of SnortSnarf are you using? And can I see a couple
examples of the alerts that don't have links (you can change the IP's
mentioned for posting).
P.s. Also check out the SnortSnarf-users list.
|* Jim Hoagland, Associate Researcher, Silicon Defense *|
|* --- Silicon Defense: IDS Solutions --- *|
|* hoagland at ...47..., http://www.silicondefense.com/ *|
|* Voice: (530) 756-7317 Fax: (530) 756-7297 *|
More information about the Snort-users