[Snort-users] snort + mysql

Paul Melson pmelson at ...11827...
Thu Apr 24 20:59:37 EDT 2008


On Wed, Apr 23, 2008 at 3:52 PM, Joel Esler <joel.esler at ...1935...> wrote:
> Sguil shows which packets are dropped?  And, on that end..  Arcsight does?

Since drops show up wherever you send 'full' logs to, I would think
anything that can handle full logs would display drop messages.  I
have done this successfully with ArcSight, but I admit that I was just
guessing about Sguil.  But mostly, I was hassling you. :-)

PaulM




More information about the Snort-users mailing list