RE: [Snort-users] syslog messages

This is a multi-part message in MIME format.

------=_NextPart_000_000C_01C3EBD4.29DD9F10
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit

Take a look at log.c

That will give you an understanding of how the reporting relates to the
rules definitions.

Your question depends on your implementation.

-----Original Message-----
From: snort-users-admin@lists.sourceforge.net
[mailto:snort-users-admin@lists.sourceforge.net]On Behalf Of Henri
Chevallier
Sent: Wednesday, February 04, 2004 1:21 PM
To: snort-users@lists.sourceforge.net
Subject: [Snort-users] syslog messages


Hello,

I'd like to analyze my SNORT's logs and would like therefore to know ALL
the messages that SNORT can send. Does someone know where I can find that ?

Thanks

Henri Chevallier

------=_NextPart_000_000C_01C3EBD4.29DD9F10
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; =
charset=3Diso-8859-1">
<META content=3D"MSHTML 6.00.2800.1276" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff>
<DIV><SPAN class=3D316223315-05022004><FONT face=3DArial color=3D#0000ff =
size=3D2>Take a=20
look at log.c</FONT></SPAN></DIV>
<DIV><SPAN class=3D316223315-05022004><FONT face=3DArial color=3D#0000ff =

size=3D2></FONT></SPAN>&nbsp;</DIV>
<DIV><SPAN class=3D316223315-05022004><FONT face=3DArial color=3D#0000ff =
size=3D2>That=20
will give you an understanding of how the reporting relates to the rules =

definitions.</FONT></SPAN></DIV>
<DIV><SPAN class=3D316223315-05022004><FONT face=3DArial color=3D#0000ff =

size=3D2></FONT></SPAN>&nbsp;</DIV>
<DIV><SPAN class=3D316223315-05022004><FONT face=3DArial color=3D#0000ff =
size=3D2>Your=20
question depends on your implementation.</FONT>&nbsp;</SPAN></DIV>
<DIV><SPAN class=3D316223315-05022004></SPAN><FONT face=3DTahoma><FONT =
size=3D2><SPAN=20
class=3D316223315-05022004><FONT face=3DArial=20
color=3D#0000ff>&nbsp;</FONT></SPAN></FONT></FONT></DIV>
<DIV><FONT face=3DTahoma><FONT size=3D2><SPAN=20
class=3D316223315-05022004>&nbsp;</SPAN>-----Original =
Message-----<BR><B>From:</B>=20
snort-users-admin@lists.sourceforge.net=20
[mailto:snort-users-admin@lists.sourceforge.net]<B>On Behalf Of =
</B>Henri=20
Chevallier<BR><B>Sent:</B> Wednesday, February 04, 2004 1:21 =
PM<BR><B>To:</B>=20
snort-users@lists.sourceforge.net<BR><B>Subject:</B> [Snort-users] =
syslog=20
messages<BR><BR></DIV></FONT></FONT>
<BLOCKQUOTE dir=3Dltr style=3D"MARGIN-RIGHT: 0px">
<DIV><FONT face=3DArial size=3D2>Hello,</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT>&nbsp;</DIV>
<DIV><FONT face=3DArial size=3D2>I'd like to analyze my SNORT's logs =
and would=20
like therefore to know ALL the messages that SNORT can send. Does =
someone know=20
where I can find that ?</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT>&nbsp;</DIV>
<DIV><FONT face=3DArial size=3D2>Thanks</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT>&nbsp;</DIV>
<DIV><FONT face=3DArial size=3D2>&nbsp;&nbsp;&nbsp; Henri=20
Chevallier</FONT></DIV></BLOCKQUOTE></BODY></HTML>

------=_NextPart_000_000C_01C3EBD4.29DD9F10--



-------------------------------------------------------
The SF.Net email is sponsored by EclipseCon 2004
Premiere Conference on Open Tools Development and Integration
See the breadth of Eclipse activity. February 3-5 in Anaheim, CA.
http://www.eclipsecon.org/osdn
_______________________________________________
Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/...fo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.p...st=snort-users