Snort mailing list archives
Re: alert_unixsock
From: Frank Knobbe <frank () knobbe us>
Date: Thu, 16 Oct 2003 20:51:27 -0500
On Thu, 2003-10-16 at 18:13, Erek Adams wrote:
On Thu, 16 Oct 2003, [iso-8859-1] NicĀ¤ wrote:Is it possible to get a snort rule example with the alert_unixsock used please ?It's not a per rule item. All alerts go to a UNIX based socket, and can be picked up from another program via that socket.
Unless you create a custom alert that uses Unixsock and configure select rules to use the custom alert. :P Cheers, Frank
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- alert_unixsock William Morris (Oct 02)
- <Possible follow-ups>
- alert_unixsock NicĀ¤ (Oct 16)
- Re: alert_unixsock Erek Adams (Oct 16)
- Re: alert_unixsock Frank Knobbe (Oct 16)
- Re: alert_unixsock Erek Adams (Oct 22)
- Re: alert_unixsock Erek Adams (Oct 16)