[Snort-users] Output Plugin writing

eschnei at ...14108... eschnei at ...14108...
Thu Apr 26 15:19:14 EDT 2007


Hi,
I am a new snort user, I've been able to write some customized rules and
look at different output options snort provides as a default. I want to
have it only called when I hit my customized rules, and then based on the
rule it hits and the attributes for the rule, I want the alert and packet
data written to a specific file that isn't the alert file the other snort
rules use. That being said, I am having trouble setting up the plugin, the
different functions that need to be inside of it so snort can use it. 
Does anybody have a good template I might be able to use?  Thanks for your
help.

Brian




More information about the Snort-users mailing list