Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: BASE or Snort Report ???

From: "Tilley, Brad" <rtilley () RADFORD EDU>
Date: Tue, 4 Jan 2011 16:06:11 -0500
From: J. L. Cabral [mailto:jelocabral () gmail com]

Because I see in BASE there is a file called base_conf.php which can be configured with some parameters for sending 
mail, but I've never understood the functionality


I believe that the email functionality in BASE (per my experience) is used to send data from queries manually. It's not 
intended to automatically email you each time a certain alert comes in. I use the email functionality of BASE to send 
packet details to others, or myself for later when I have more time to look it over. That's about it.


I don't understand how to choose the alerts I need to get...so I suppose is the same in Snorby, but maybe not....


You'll want to receive alerts that matter to your systems, networks, etc. That varies based on many things. 

Brad

------------------------------------------------------------------------------
Learn how Oracle Real Application Clusters (RAC) One Node allows customers
to consolidate database storage, standardize their database environment, and, 
should the need arise, upgrade to a full multi-node Oracle RAC database 
without downtime or disruption
http://p.sf.net/sfu/oracle-sfdevnl
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: