From: Andrew R. Baker (andrewbsnort.org)
Date: Wed Jul 03 2002 - 08:56:53 CDT


    Rajkumar S. wrote:
    >
    > Next is a silly question, What is the difference between an alert plugin
    > and a log plugin? I have looked at the FAQ etc but could not find a
    > definitive answer to this fundamental question.

    There are a few differences between them. First, both log and alert
    plugins will be called for alert rules, but only the log plugins will be
    called for log rules. Secondly, they differ in the intent of the
    plugin. Log plugins are intended to actually log the packet itself,
    while alert plugins are intended to only provide a few key pieces of
    information about the packet that triggered the alert. Also, some of
    the log plugins will not report any information about the signature that
    caused the packet to be logged.

    Hope that helps,

    Andrew

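An added example, not part of the original message or of the Snort project's own files: a minimal snort.conf fragment showing the dispatch described in the reply, with one alert plugin and one log plugin configured side by side. The network value, output file names, rule messages and sid values are constructed for illustration.

```conf
# Constructed example; network value, file names, messages and sids are illustrative.
var HOME_NET 192.168.1.0/24

# Alert plugin: writes a one-line summary per alert
# (signature message, addresses, ports), not the packet.
output alert_fast: alert.fast

# Log plugin: writes the packet itself in pcap format.
# A pcap record has no field for the signature that matched.
output log_tcpdump: snort.pcap

# "alert" rule: both alert_fast and log_tcpdump are called for a match.
alert tcp any any -> $HOME_NET 23 (msg:"Constructed: inbound telnet"; sid:1000001; rev:1;)

# "log" rule: only log_tcpdump is called; nothing is written to alert.fast.
log tcp any any -> $HOME_NET 21 (msg:"Constructed: inbound ftp"; sid:1000002; rev:1;)
```

Packets captured by the log rule appear only in the pcap file, with nothing in alert.fast to name the rule that matched, so use the alert action for traffic that must be triaged by signature.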