[Dshield] snort_18_syslog.pl

Josh Beckett josh at theoubliette.net
Fri Nov 2 02:56:54 GMT 2001


I don't recall there being a recommended minimum option(s) that we should be
running snort with to ensure compatibility for dshield log format.  Did I
miss something?  I have been submitting logs for about 5 - 6 months now and
am interested in improving the quality of my reporting, if necessary.

Could be helpful to put some recommended options on the snort client section
of the site.

-----Original Message-----
From: dshield-admin at dshield.org [mailto:dshield-admin at dshield.org]On
Behalf Of Johannes B. Ullrich
Sent: Thursday, November 01, 2001 9:27 AM
To: dshield at dshield.org
Subject: RE: [Dshield] snort_18_syslog.pl


Some of them do not to be suitable
for dshield, as the information is too limited. But most of them are ok.

Thanks!

- --
- -------
jullrich at sans.org                    Join http://www.DShield.org





More information about the list mailing list