[Snort-users] BASE sensor name

Joel Esler jesler at ...1935...
Mon Aug 1 10:47:15 EDT 2011


Huh.  Never heard that one before James.

How are you logging?  (output method)

You might want to try loading the bpf in a file and then calling the file through -F

Joel

On Aug 1, 2011, at 10:42 AM, Lay, James wrote:

> Hey all!
>  
> Real quick…seems like when I start snort with a tcpdump style filter (snort –c snort.conf “ip and not host blah blah blah”) my sensor name shows up as the sensorname:interface:tcpdumpfilter.  Anyone else seen anything like this?  It’s not a complete pain…just looks kinda dumb ;)  Didn’t see any fixes after googling, so I thought I’d ask here.  Thanks all..have a great week J
>  
> James
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20110801/bc83ba93/attachment.html>


More information about the Snort-users mailing list