|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Snort-users] About the ruletype syntax
From: Brian (bmc
snort.org)
Date: Thu Jan 29 2004 - 11:23:23 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Sat, Jan 24, 2004 at 02:49:59PM +0000, sutra wrote:
> I wondering if there is a better documentation about the ruletype syntax
> thant the UserManual. Add to this i d like to know if there isn't a
> misstype in this documentation page 13 about the syntax to use in
> ruletype, when it s written
<snip>
You are correct, there is a typo. I've fixed it in CVS. Thanks for
pointing it out. Your example below is correct.
> ruletype redalert{
> type alert
> output alert_syslog: LOG_AUTH LOG_ALERT
> output database: log, mysql, user=snort dbname=snort host=localhost
> }
Brian
-------------------------------------------------------
The SF.Net email is sponsored by EclipseCon 2004
Premiere Conference on Open Tools Development and Integration
See the breadth of Eclipse activity. February 3-5 in Anaheim, CA.
http://www.eclipsecon.org/osdn
_______________________________________________
Snort-users mailing list
Snort-userslists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]