[Snort-users] Classification List and numeric values
snort at ...9544...
Wed Jul 9 16:59:20 EDT 2003
On a related question this topic, is there a way to get the numeric
values assigned to the classification list in classification.config?
The exact value I'm looking for is in the event.h, the struct
Event classification unsigned 32bit int.
I've looked through the code, but there's a lot of it, so i seem to
have missed it.
If there's a file that those values are in, pointing me in the right
direction would be wonderful.
Thanks for the help.
"Sed Quis Custodiet Ipsos Custodes?" -Juvenal
This communication (including any attachments) is intended for the use of the intended
recipient only and may contain information that is confidential, privileged or legally
protected. Any unauthorized use or dissemination of this communication is strictly
prohibited. If you have received this communication in error, please immediately notify
the sender by return e-mail message and delete all copies of the original communication.
Thank you for your cooperation.
On Wed, 9 Jul 2003, Erek Adams wrote:
On Wed, 9 Jul 2003, Sudhakar Gummadi wrote:
> I was wondering where can I get the list of Classifications which come
> under (Priority: 1 Priority: 2 and Priority: 3) which are written to
> the (alert) log file.
> Right now I am generating email alerts only for Priority: 1. I do not
> want to miss some important alerts which come under Priority:2 and 3
> If I can get a complete list of alerts which corresponds to the 3
> classifications then it will be very helpful.
> Any suggestions really appreciated.
Or whatever the path to that file is. If you aren't sure where it is:
find . -type f -name classification.config -print
Or if it's installed:
"When things get weird, the weird turn pro." H.S. Thompson
This SF.Net email sponsored by: Parasoft
Error proof Web apps, automate testing & more.
Download & eval WebKing and get a free book.
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
Snort-users list archive:
More information about the Snort-users