[Snort-users] tag rules and logging

Michael Anderson mca at ...1717...
Fri Jan 18 08:13:04 EST 2002


I want to include the tag option in a rule to capture additional packets for a session.  I am currently logging all alerts to a MySQL database.  Will
the additional packets be logged to the database?  I am using acid to review the alerts.  Can I use acid to review the additional packets?

Thanks for any help,
Mike





More information about the Snort-users mailing list