josh at theoubliette.net
Fri Nov 2 02:56:54 GMT 2001
I don't recall there being a recommended minimum option(s) that we should be
running snort with to ensure compatibility for dshield log format. Did I
miss something? I have been submitting logs for about 5 - 6 months now and
am interested in improving the quality of my reporting, if necessary.
Could be helpful to put some recommended options on the snort client section
of the site.
From: dshield-admin at dshield.org [mailto:dshield-admin at dshield.org]On
Behalf Of Johannes B. Ullrich
Sent: Thursday, November 01, 2001 9:27 AM
To: dshield at dshield.org
Subject: RE: [Dshield] snort_18_syslog.pl
Some of them do not to be suitable
for dshield, as the information is too limited. But most of them are ok.
jullrich at sans.org Join http://www.DShield.org
More information about the list