[Snort-users] Alerting unified or (fast) ASCII?
edin.dizdarevic at ...7509...
Wed Oct 20 06:55:36 EDT 2004
can anyone give me a hint, what kind of alerting in terms of performance
is to prefer:
- Unified alerting w. by
- ASCII alerting in fast mode (-A fast)
My assumption is that it should not really matter or advantage to the
ASCII-Mode respectievely. After all a second by instance for alerting
(besides logging) is needed.
Thx & regards,
More information about the Snort-users