On 14/08/2012 12:20, Peter Haag wrote: > On 14/8/12 10:29 AM, Jiang Le wrote: >> I think more details on alert email would be helpful. For example, I setup >> an alert for packets of top 1 any ip address > 3M. The alert email looks >> like this: >> >> Alert triggered at timeslot 201208131925. >> >> IP Address: 10.0.0.3 > It basically explains you all you were asking for. Due to the flexibility of > compiling alerts, it not so easy to generate more details. I'm open for ideas. Its very easy to write a small alert plugin to mail out a more detailed response if needed. I'd suggest that is the better method than adding too much to the default alert.
Example available on request. Vince > > - Peter >> >> >> ------------------------------------------------------------------------------ >> Live Security Virtual Conference >> Exclusive live event will cover all the ways today's security and >> threat landscape has changed and how IT managers can respond. Discussions >> will include endpoint security, mobile security and the latest in malware >> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ >> >> >> >> _______________________________________________ >> Nfsen-discuss mailing list >> Nfsen-discuss@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/nfsen-discuss >> ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Nfsen-discuss mailing list Nfsen-discuss@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nfsen-discuss
