[Snort-users] Realistic maximum priorities

Snort User snort at ...9544...
Fri Jul 11 10:22:04 EDT 2003


  I'm working on integrating snort with some other IDS systems for
correlation purposes. My question involves the priorities snort generates.
I've noticed that none of my generated alerts seem to go past prio 5.

  Is there a logical limit to the max priority that the developers have
set for existing/added bundled rules.
If there isn't one, I'll just chunk everything after 5 together in one big
bunch, but it would be nice if there was more precision.

  Looking at the archives, I couldn't find anything on this topic, so
maybe someone here can help. :)
Thanks a bunch,

Randy

http://www.frenzy.org ICQ: 32276169
"Sed Quis Custodiet Ipsos Custodes?" -Juvenal

This communication (including any attachments) is intended for the use of the intended
recipient only and may contain information that is confidential, privileged or legally
protected. Any unauthorized use or dissemination of this communication is strictly
prohibited. If you have received this communication in error, please immediately notify
the sender by return e-mail message and delete all copies of the original communication.
Thank you for your cooperation.









More information about the Snort-users mailing list