Snort mailing list archives

BASE 1.0.2 Unexpected Result /Inconsistency


From: "Briggs, Bruce" <Bruce.Briggs () suny edu>
Date: Mon, 28 Mar 2005 15:05:55 -0500


1. select an alert Signature from the list.
    you get a detail list of the alert packets
2. select Unique Addresses   Destination
    you get a list of destination IP addrs and packet counts
3. select one of the addresses by clicking on the appropriate IP Address field
    the value listed in Occurrences as Dest. is the count of all packets for that IP addr in the database, not those for this specific alert Signature
4. select the count field.
    the list displays only packets for the alert Signature for that IP addr

I would expect consistency.
a) I should get a count in 3. above of only packets from that IP addr matching the alert Signature, because that is the list that is displayed in 4.
- or -
b) in 4. above, I should get all packets matching that IP addr.

My preference is for b).

Bruce


