Other than writing a separate script that runs nfdump & pipes the output
into an e-mail, is it possible to provide details on who, or what, triggered
an alert?
For example, if an alert matches based on a certain port number, why not
send the pertinent information in the alert e-mail sent by NfSen?
Here's what I get when an alert that matches tcp/6660-6667 is hit:
"Alert 'IRC' triggered at timeslot 200708291445"
It would be useful to show the flow that triggered that alert in the e-mail.
--
Eric Cables
_______________________________________________
Nfsen-discuss mailing list
https://lists.sourceforge.net/lists/listinfo/nfsen-discuss
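
The workaround mentioned in the post (a separate script that runs nfdump and mails the output), sketched as an added example that is not part of the original message or of NfSen. The function names, the capture directory argument, the recipient argument and the 50-flow limit are assumptions; it also assumes the capture file sits directly in that directory under nfcapd's `nfcapd.<timeslot>` naming and that the filter mirrors the alert's tcp/6660-6667 condition.

```sh
#!/bin/sh
# Added example (hypothetical helper names): turn an NfSen alert line into an
# nfdump report of the flows in that timeslot and mail it.

# Pull the 12-digit timeslot (YYYYMMDDhhmm) out of the alert text.
alert_timeslot() {
    printf '%s\n' "$1" |
        sed -n 's/.*triggered at timeslot \([0-9]\{12\}\).*/\1/p'
}

# Pull the alert name out of the single quotes.
alert_name() {
    printf '%s\n' "$1" | sed -n "s/.*Alert '\([^']*\)' triggered.*/\1/p"
}

# Assumed layout: <capture_dir>/nfcapd.<timeslot>
capture_file() {
    printf '%s/nfcapd.%s\n' "$1" "$2"
}

# nfdump filter matching the alert condition from the post (tcp/6660-6667).
IRC_FILTER='proto tcp and port > 6659 and port < 6668'

# report_alert "<alert line>" <capture_dir> <recipient>
# Returns 2 if the line has no timeslot, 3 if the capture file is missing,
# 4 if nfdump fails; otherwise mails up to 50 matching flows.
report_alert() {
    ra_slot=$(alert_timeslot "$1")
    if [ -z "$ra_slot" ]; then
        echo "no timeslot found in: $1" >&2
        return 2
    fi
    ra_name=$(alert_name "$1")
    ra_file=$(capture_file "$2" "$ra_slot")
    if [ ! -r "$ra_file" ]; then
        echo "capture file not readable: $ra_file" >&2
        return 3
    fi
    # Collect the flows first so a failed nfdump run does not send empty mail.
    ra_flows=$(nfdump -r "$ra_file" -o long -c 50 "$IRC_FILTER") || return 4
    printf '%s\n' "$ra_flows" |
        mail -s "Alert '$ra_name' flows, timeslot $ra_slot" "$3"
}
```
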