[Snort-users] Dynamic Rules
bamm.visscher at ...11827...
Fri Oct 20 15:46:32 EDT 2006
I just started looking at dynamic rules and had a question about
logging. The gen id is hardcoded to 3 and it appears any alert that
goes thru unfied and barnyard is going to have a msg of "snort dynamic
alert". Has there been any discussion about creating a map file for
these rules/alerts, or am I missing something?
Also, is there any decent docs out there for compiling these rules?
sguil - The Analyst Console for NSM
More information about the Snort-users