Snort mailing list archives
Re: (no subject)
From: Mike Miller <mike () millertwinracing com>
Date: Sun, 23 Feb 2014 08:48:24 -0700
I'll run snort twice. Once without the -D (daemon) flag, and one with it when I'm sure Snort's running the way I want it. Running without the -D will let you scroll back through the output and find the 'XXXX rules out of YYYY total' line. We also have a timed script that pings all ends of our network with a large ICMP packet and a custom rule that says 'ICMP Healthyness Packet Detected'....if you map them out over time, you can see times where the network or the snort process was not happy. On Sun, Feb 23, 2014 at 6:21 AM, Joel Esler (jesler) <jesler () cisco com>wrote:
It will tell you at the end of the startup message. -- Joel Esler Sent from my iPhoneOn Feb 23, 2014, at 4:05, "Michal Šutta" <michal.sutta () gmail com> wrote: Hello, How can I find out how many rules is usinig snort ?------------------------------------------------------------------------------Managing the Performance of Cloud-Based Applications Take advantage of what the Cloud has to offer - Avoid Common Pitfalls. Read the Whitepaper.http://pubads.g.doubleclick.net/gampad/clk?id=121054471&iu=/4140/ostg.clktrk_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latestSnort news! ------------------------------------------------------------------------------ Managing the Performance of Cloud-Based Applications Take advantage of what the Cloud has to offer - Avoid Common Pitfalls. Read the Whitepaper. http://pubads.g.doubleclick.net/gampad/clk?id=121054471&iu=/4140/ostg.clktrk _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
------------------------------------------------------------------------------ Managing the Performance of Cloud-Based Applications Take advantage of what the Cloud has to offer - Avoid Common Pitfalls. Read the Whitepaper. http://pubads.g.doubleclick.net/gampad/clk?id=121054471&iu=/4140/ostg.clktrk
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- (no subject) Michal Šutta (Feb 23)
- Re: (no subject) Joel Esler (jesler) (Feb 23)
- Re: (no subject) Mike Miller (Feb 23)
- <Possible follow-ups>
- (no subject) basant subba (Mar 11)
- (no subject) JS (Mar 14)
- Re: (no subject) Joel Esler (jesler) (Feb 23)