Snort does a lot of work and outputs some useful statistics when it is done. Is there any way to find out the types of traffic and types of attacks that Snort has detected, other than the alerting system? How can I recognize the type of traffic in the Snort output statistics?
2 Answers
0
Without the alerting system and the log messaging system, the type of traffic will not be recognized in Snort. The output statistics contain stat data for various parts of the system used by Snort.

Lakshmi Balan
0
Have you tried the appid preprocessor?
https://github.com/vrtadmin/snort-faq/blob/master/docs/README.appid

eugenioperez
I didn't use this appid preprocessor. But still, it recognizes the type of traffic only in logs, as mentioned in the link. About my answer: I tried it and came up with the answer. – Lakshmi Balan Apr 10 '17 at 06:59