Re: Generate alert but not log packet data

[Alberto Gonzalez <electron () wwjh net>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Sorry, can't say I know a way to accomplish this with snort. Maybe some of 
the others know a way? is this even possible with snort?

> Sorry, I meant that I want a couple of rules to just alert and not log. 
> I do want all the other rules to log the packet data.  I have created a 
> couple of alerts that I just need the alert data for and in the interest 
> of saving some disk space I would like to disregard the packet data and 
> not save it.  However I still want the packet data from all the other 
> alerts just not the two custom rules I wrote.  Is this possible?
>
> Thanks for the previous response.
>
>
> Shawn Truax
> Security Specialist
> Corporate Security
> Toronto, Ontario

Cheers!
  Alberto Gonzalez

- -- 
"Success comes to the person who does today, what you are thinking of doing tomorrow." 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQE+aatYORajRLkA7bARAmOUAJ93RqAPaYz1bD2bZTGsbDhRq93MhwCdGWGt
cegRQF5JNAnSo41WpUZvdrY=
=IzJq
-----END PGP SIGNATURE-----



-------------------------------------------------------
This SF.net email is sponsored by: Etnus, makers of TotalView, The debugger 
for complex code. Debugging C/C++ programs can leave you feeling lost and 
disoriented. TotalView can help you find your way. Available on major UNIX 
and Linux platforms. Try it free. www.etnus.com
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users