[Snort-users] BASE rule display
firewalz at ...11827...
Tue Nov 17 08:45:33 EST 2009
Thanks for your response, I went to the link as suggested and added
2899096 as a feature request for the next release.
The ability to view a rule, in its entirety, which triggers an event. This
would aid in the learning process, increase a users ability to tune rules
and understand why specific traffic is matching a particular rule."
On Tue, Nov 17, 2009 at 7:42 AM, Randal T. Rioux <randy at ...13561...> wrote:
> This is a pretty good idea. If you could, please go to the feature
> request page at SourceForge and add this. I'll take a look at it and see
> what I can do to implement this into the next release:
> While you're at it, if you're a regular user you might want to join
> BASE's own mailing list, as this one is Snort-specific:
> Joel Esler wrote:
>> Base does not have that present functionality. They provide the
>> ability to link to a rule.
>> On Monday, November 16, 2009, firewalZ <firewalz at ...11827...> wrote:
>>> Im a bit new to Snort/Base and Im wondering if there a way to get BASE
>>> to display the full text of a rule that fires an alert, this would
>>> really help the learning process.
More information about the Snort-users