[Snort-users] I want certain IP adresses not to be logged

Gonzalez, Albert albert.gonzalez at ...7950...
Mon Jan 13 06:39:02 EST 2003

Let me see if I get this right, you want to *log* certain IP's and discard

Well first off, if you are seeing traffic from yourself, try to correctly
address your HOME_NET
variable, and or setting those proxy scanners in ignore hosts (i do for
and as far as to ignore certain traffic, try using this[1].


[1] - http://www.theadamsfamily.net/~erek/snort/ignore.txt

Alberto Gonzalez
EDS - Global Security Operations Center
Security and Privacy Professional Servics

-----Original Message-----
From: Jeroen Diederen [mailto:jeroen at ...7984...]
Sent: Sunday, January 12, 2003 6:05 AM
To: snort-users at lists.sourceforge.net
Subject: [Snort-users] I want certain IP adresses not to be logged

Hi there,

I have read the manual but did not come across the solution. I'd like to 
create a list (certain rule ?) of IP addresses that I would not like to 
have logged each time. I get a lot of noise in my log results by proxy 
protectors, myself etc, so I want to get rid of these logs. Is there a 
way to do this ?

Jeroen Diederen

This SF.NET email is sponsored by: FREE  SSL Guide from Thawte
are you planning your Web Server Security? Click here to get a FREE
Thawte SSL guide and find the answers to all your  SSL security issues.
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
Snort-users list archive:

More information about the Snort-users mailing list