[Snort-users] Alerting unified or (fast) ASCII?

Edin Dizdarevic edin.dizdarevic at ...7509...
Wed Oct 20 06:55:36 EDT 2004


Hello,

can anyone give me a hint, what kind of alerting in terms of performance
is to prefer:

- Unified alerting w. by
- ASCII alerting in fast mode (-A fast)

My assumption is that it should not really matter or advantage to the
ASCII-Mode respectievely. After all a second by instance for alerting
(besides logging) is needed.

Thx & regards,
Edin

-- 
Edin Dizdarevic




More information about the Snort-users mailing list