Snort mailing list archives

[Dynamic Preprocessor] How to log packet and output alert: genSnortEvent or alertAdd?
From: Hai Minh Nguyen <lightsea90 () gmail com>
Date: Mon, 20 May 2013 16:23:50 +0700


I'm developing a dynamic preprocessor with DPX. After processing a packet, I
might generate an alert and log that packet for later analysis if I find
it abnormal.

My problem:
I found 2 members of the DynamicPreprocessorData struct: alertAdd and
genSnortEvent. I supposed those could help me. But I don't understand the
difference between the 2 members yet. Which of them should I choose for my
purpose? If you know any other way, feel free to share your idea.


Sword Demon Độc Cô Cầu Bại - Oh, a glorious life, wishing only to be defeated
once, yet no one has ever lasted more than three moves!!!