[Snort-users] Difference of Alerts, Snort Logs, and Tcpdumps
fsonnichsen at ...315...
Tue Mar 4 12:07:54 EST 2008
I am new to snort and trying to upgrade a prior system. It appears that
the old system collects Alerts, Snortlog.log and Tcpdump.log; however,
after reading the doc, I am a little unclear on the meaning of these.
Are the snortlogs basically uncompressed versions of the tcpdumps? Also,
are the alerts a condensation of the snort logs?