[Snort-users] Snort - Logsurfer examples
mhowell at ...9084...
Thu May 1 15:01:09 EDT 2003
Due to a high volume of redundant alerts from swatch, I am finally
committing to setting up logsurfer. I have looked at the examples
I have seen many people making suggestions toward using logsurfer, but
from my searching of the list, I have not seen any posts of good rules.
Can someone post a more verbose rule set?
I am new to the regex shorthand so I am trying to "learn through
example." I also figured enough people are out there using it that
perhaps a discussion about the logsurfer rules might be beneficial...
More information about the Snort-users