[Snort-users] Barnyard, sid-msg.map, gen-msg.map

Andy Dales andy_dales at ...8153...
Wed Jan 29 12:35:06 EST 2003


Greetings, I'm wondering if anyone is willing to explain the sid-msg.map
and the gen-msg.map files required for use by barnyard.  In another posting
I see someone made an awk/sed script to parse the rule files and output a
file of the format sid || msg for the sid-msg.map but I don't see anyone
talking about the gen-msg.map.  Can someone confirm the (sid || msg) format
for the sid file and explain what the gen-msg.map file is/does.  These seem
to be vital to barnyard's running but aren't really mentioned much
anywhere.
http://marc.theaimsgroup.com/?l=snort-users&m=103049142304170&w=2

Andy





More information about the Snort-users mailing list