[Snort-users] Difference of Alerts, Snort Logs, and Tcpdumps

frederick sonnichsen fsonnichsen at ...315...
Tue Mar 4 12:07:54 EST 2008


I am new to snort and trying to upgrade a prior system. It appears that
the old system collects Alerts, Snortlog.log and Tcpdump.log, however
after reading the doc I am a little unclear on the meaning of these.
Are the snortlogs basically uncompressed versions of the tcpdumps? Also 
are the alerts a condensation of the snort logs?
Thanks,
Fritz




