[Snort-users] How Can I display the rule name instead of the ID with ACID?

Berta Alcala berta83 at ...11827...
Mon May 12 05:04:14 EDT 2008


I use snort+acid+mysql. When I display the alerts there is a "Signature"
column that is the signature ID.
I need the "sig_name" field (which is the rule's description) instead of the
sig_id. The problem is in the "acid_event" table, here there are "signature"
and "sig_name", both with the same value, the ID.
How can I do to get the description? there are a lot of files and I don't
know which one I have to modify.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20080512/b834cbcb/attachment.html>


More information about the Snort-users mailing list