Snort mailing list archives
Multiple alerts for a single packets
From: Hadass Harel <hadass.harel () gmail com>
Date: Wed, 19 Oct 2005 10:28:15 +0000
Hi, I will appreciate getting information for the following questions: 1. If a packet matches more than one rule do I recieve multiple alerts for it or does Snort alerts only the first? 2. In case of multiple alerts for a single packet - can I set a limit to the amount of alerts I will get for a single packet? can I unite all the alerts to a single alert?? Thanks, Hadass
Current thread:
- Multiple alerts for a single packets Hadass Harel (Nov 01)
- RE: Multiple alerts for a single packets Paul Melson (Nov 01)
- Re: Multiple alerts for a single packets Joel Esler (Nov 01)
- <Possible follow-ups>
- RE: Multiple alerts for a single packets Briggs, Bruce (Nov 01)