Topic: Better search for snort rules (Read 22670 times)
Ricard (Full Member, Posts: 11)
« on: Saturday 29 March 2014, 04:21:18 am »
The search engine for the snort rules is quite useless and hard to use. It would be great if we could search for a rule according to log alerts.
For example, we see this alert in the log window:
snort[15224]: [1:2003195:5] ET POLICY Unusual number of DNS....
and the related rule is this:
2003195 ET POLICY Unusual number of DNS No Such Name Responses
However, a search using the GUI is unable to find "2003195" or any other related text of that alert. The search field is only able to find the name of the snort rule category ("POLICY").
In some cases this forces a search across many pages of the category. This is very slow.
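
The alert-to-rule lookup requested in the post above can be done from a shell by taking the SID out of the alert's [GID:SID:REV] field and searching the rule files for the matching sid option. This is an added example, not part of the original post and not Endian's code; the function names, the rules directory argument and the sample rule bodies are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: map a snort alert line to the rule that raised it.
# Alert lines carry "[GID:SID:REV]"; rules carry the same SID as "sid:NNN;".

# Print the SID from an alert line such as
#   snort[15224]: [1:2003195:5] ET POLICY Unusual number of DNS....
alert_sid() {
    printf '%s\n' "$1" |
        sed -n 's/.*\[[0-9][0-9]*:\([0-9][0-9]*\):[0-9][0-9]*\].*/\1/p'
}

# Print "file:rule" for every rule with that SID under rules directory $2
# (hypothetical argument; pass wherever the rule files live on your system).
# Commented-out (disabled) rules are matched too, so they can be located.
find_rule() {
    sid=$(alert_sid "$1")
    [ -n "$sid" ] || { echo "no [gid:sid:rev] in alert line" >&2; return 1; }
    grep -rE "sid: *${sid};" "$2"
}

# Print only the msg text of the matching rule(s).
rule_msg() {
    find_rule "$1" "$2" | sed -n 's/.*msg: *"\([^"]*\)".*/\1/p'
}

# Constructed sample rules (simplified bodies, not the real rule text).
# The second rule checks that a longer SID ending in the same digits
# is not returned by mistake.
make_sample_rules() {
    d=$(mktemp -d) || return 1
    cat > "$d/constructed.rules" <<'EOF'
alert udp any 53 -> any any (msg:"ET POLICY Unusual number of DNS No Such Name Responses"; sid:2003195; rev:5;)
#alert tcp any any -> any any (msg:"CONSTRUCTED decoy with longer sid"; sid:12003195; rev:1;)
EOF
    echo "$d"
}

# Demo: look up the alert quoted in the post against the sample rules.
rules=$(make_sample_rules)
find_rule 'snort[15224]: [1:2003195:5] ET POLICY Unusual number of DNS....' "$rules"
rm -rf "$rules"
```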