[Snort-users] PulledPork and empty Emerging ruleset

Y M snort at ...15979...
Sat May 30 07:45:18 EDT 2015


ET rules do not include the metadata required to designate a rule to a rules policy. Check the metadata keyword in  a VRT/TALOS rule to see how. PulledPork uses this metadata to match the policy specified in command line with rules.
Use ET categories in enablesid.conf to enable by category.

Sent from Mobile




On Sat, May 30, 2015 at 4:39 AM -0700, "Robert Lasota" <wrkilu at ...3879...> wrote:
------------------------------------------------------------------------------
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20150530/806d4a32/attachment.html>
-------------- next part --------------
_______________________________________________
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!


More information about the Snort-users mailing list