[Snort-users] Log output format

Michael Wyraz evermind at ...4907...
Thu Feb 7 11:30:06 EST 2002


Hi!

Thank you. This works fine.
I wonder why the log output in the ip-sub-dirs is so much different from that
which is written in the alerts file.

Michael.

On Thu, 07 Feb 2002 08:40:21 -0600, Chris Green wrote:

>Michael Wyraz <michael.wyraz at ...4903...> writes:
>
>> Hi!
>>
>> I'm integrating Snort with an alerting/trouble ticket tool. To do this,
>> I use the snort log output in the log dir - not the "alerts" file but the
>> many small files in the directory with the ip as name because that's much
>> easier to use than a big logfile. Is there a way to let snort add the
>> additional information (Xref-infos) to these logs to make the information more
>> complete?
>>
>
>Check out the -G option to snort
>
>        -G <mode>  Add reference ids back into alert msgs (modes: basic, url)
>
>I assume when you say Xref-infos, you mean the reference: tag stuff.
>
>
>> Thank you. Michael.
>>
>> (Please send a copy of your reply to my address since I'm not in the mailing
>> list)
>-- 
>Chris Green <cmg at ...671...>
>"I'm beginning to think that my router may be confused."
>






