Snort mailing list archives
Re: Need to find running snort rule version
From: Nigel Houghton <nhoughton () sourcefire com>
Date: Thu, 13 Oct 2011 19:43:11 -0400
What do they mean by "rule version"? I thought that oinkmaster came with a script that produces a sid-msg.map, is the information they seek not in the generated sid-msg.map? On Oct 13, 2011, at 6:52 PM, ccie 6862 wrote:
Oinkmaster is updating the rules daily, and it appears to be successful as the rules have the current time stamp and information within the rules themselves. Some auditors want a printout of the rule version. I can open the rules and take individual snapshots, but is there something I can do that will provide the versions of all rules at once? Thanks ------------------------------------------------------------------------------ All the data continuously generated in your IT infrastructure contains a definitive record of customers, application performance, security threats, fraudulent activity and more. Splunk takes this data and makes sense of it. Business sense. IT sense. Common sense. http://p.sf.net/sfu/splunk-d2d-oct _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
-- Nigel Houghton Head Mentalist SF VRT Department of Intelligence Excellence http://vrt-blog.snort.org/ && http://labs.snort.org/ ------------------------------------------------------------------------------ All the data continuously generated in your IT infrastructure contains a definitive record of customers, application performance, security threats, fraudulent activity and more. Splunk takes this data and makes sense of it. Business sense. IT sense. Common sense. http://p.sf.net/sfu/splunk-d2d-oct _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Need to find running snort rule version ccie 6862 (Oct 13)
- Re: Need to find running snort rule version Nigel Houghton (Oct 13)
- Re: Need to find running snort rule version James Lay (Oct 13)
- Re: Need to find running snort rule version Nigel Houghton (Oct 13)