[Snort-users] Snort-Swatch

Keaton, Lindamaria LKeaton at ...10093...
Tue Sep 23 11:26:04 EDT 2003


/usr/bin/local/snort -c /etc/snort/snort.conf 

-----Original Message-----
From: jon baer
To: snort-users at lists.sourceforge.net
Sent: 9/19/03 1:16 PM
Subject: Re: [Snort-users] Snort-Swatch

what is the command line you are using to start up snort?
 
- jon

----- Original Message ----- 
From: Keaton,  <mailto:LKeaton at ...10093...> Lindamaria 
To: snort-users at lists.sourceforge.net
<mailto:snort-users at lists.sourceforge.net>  
Sent: Friday, September 19, 2003 6:31 PM
Subject: [Snort-users] Snort-Swatch


Is anyone using swatch to email alerts? 

If so, can someone tell me how to configure swatch to send entire
content of an alert. Right now I'm getting alerts send but this is all
I'm getting in the body of the email.

TCP TTL:64 TOS:0x0 ID:33690 IpLen:20 DgmLen:1500 DF. 

I would like to see source, destination, time, and what the actually
alert is. Anyone have any ideas? 

Lindamaria E. Keaton 
Security Administrator 
Union Safe Deposit Bank 
209.946.5173 






More information about the Snort-users mailing list