Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Parsing snort alerts?

From: Erek Adams <erek () theadamsfamily net>
Date: Mon, 27 Aug 2001 06:56:15 -0700 (PDT)
On Sun, 26 Aug 2001, Daniel Swan wrote:


I'm having trouble parsing the present format of snort alerts.  In
particular, I don't understand the nature and purpose of the following
part of the alerts:

[x:xxx:x]

(x being any digit of course)

What is this?


This is voodoo.  Be scared.

;)

Have a look at http://snort.sourcefire.com/docs/faq.html#3.14 .  Dig down into
that and you'll see where Marty explains what it acutally is, what they mean,
and how to read them.

Enjoy!

-----
Erek Adams
Nifty-Type-Guy
TheAdamsFamily.Net


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: