Re: [Snort-users] Generate alert but not log packet data

From: Alberto Gonzalez <electron(at)wwjh.net>
Date: Sat Mar 08 2003 - 03:35:33 EST

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Sorry, can't say I know a way to accomplish this with snort. Maybe some of the others know a way? is this even possible with snort?

> Sorry, I meant that I want a couple of rules to just alert and not log.
> I do want all the other rules to log the packet data. I have created a
> couple of alerts that I just need the alert data for and in the interest
> of saving some disk space I would like to disregard the packet data and
> not save it. However I still want the packet data from all the other
> alerts just not the two custom rules I wrote. Is this possible?
>
> Thanks for the previous response.
>
>
> Shawn Truax
> Security Specialist

Cheers!
  Alberto Gonzalez

• -- "Success comes to the person who does today, what you are thinking of doing tomorrow."

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQE+aatYORajRLkA7bARAmOUAJ93RqAPaYz1bD2bZTGsbDhRq93MhwCdGWGt cegRQF5JNAnSo41WpUZvdrY=
=IzJq
-----END PGP SIGNATURE-----

---

This SF.net email is sponsored by: Etnus, makers of TotalView, The debugger for complex code. Debugging C/C++ programs can leave you feeling lost and disoriented. TotalView can help you find your way. Available on major UNIX and Linux platforms. Try it free. www.etnus.com

---

Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users Received on Sat Mar 8 03:44:00 2003