[Snort-users] Including a MAC address

Edin Dizdarevic edin.dizdarevic at ...7509...
Fri Aug 22 04:23:23 EDT 2003


Do you mean in order to show it in ACID or in the alert file?

For the latter case try the "-e" switch.

A short look to the mysql tables shows me no link layer infos,
so I suppose this is not working (yet with ACID/MySQL).



Jade E. Deane wrote:
> Does anyone know a way to include the source and destination MAC
> address in an alert?
> Regards, Jade

Edin Dizdarevic

More information about the Snort-users mailing list