[Snort-users] keeping certain rules from logging packets
Long, Kerry S
kslong at ...312...
Fri Apr 11 10:03:54 EDT 2014
I am trying to determine in this is possible:
I have some alerts that are quite noisy, but I want these rules noisy. I however do not want them to log packets. I have other rules I most definitely want the packets logged for. I can't figure out how to keep some of my "alert" messages from logging packets.
I can eliminate all packet logging by using the "-N" switch, but that is counterproductive. Any advice would be appreciated.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users