[Snort-users] Snort - Logsurfer examples

Matt Howell mhowell at ...9084...
Thu May 1 15:01:09 EDT 2003

Due to a high volume of redundant alerts from swatch, I am finally
committing to setting up logsurfer. I have looked at the examples
available at:


I have seen many people making suggestions toward using logsurfer, but
from my searching of the list, I have not seen any posts of good rules. 
Can someone post a more verbose rule set?

I am new to the regex shorthand so I am trying to "learn through
example."  I also figured enough people are out there using it that
perhaps a discussion about the logsurfer rules might be beneficial...



More information about the Snort-users mailing list