[Snort-users] snort + mysql
pmelson at ...11827...
Thu Apr 24 20:59:37 EDT 2008
On Wed, Apr 23, 2008 at 3:52 PM, Joel Esler <joel.esler at ...1935...> wrote:
> Sguil shows which packets are dropped? And, on that end.. Arcsight does?
Since drops show up wherever you send 'full' logs to, I would think
anything that can handle full logs would display drop messages. I
have done this successfully with ArcSight, but I admit that I was just
guessing about Sguil. But mostly, I was hassling you. :-)
More information about the Snort-users