Re: [pfSense] Snort questions

2015-11-07 Thread John Johnstone
On 11/6/15 5:47 PM, Sergii Cherkashyn wrote: Thank you John, but it doesn't seem to work. I can download the archive file, but inside it has a Barnyard2 folder with int.waldo files in it and three more files - int.stats, alert and some snort_randomnumber file. None of them seems to be in pcap

[pfSense] Snort questions

2015-11-06 Thread Sergii Cherkashyn
> 2. Is there any way to see what exact traffic/pattern triggered the Snort Alert? I know how to find the rule description that the potentially harmful traffic matched, but interested to see the exact traffic log that triggered the alert. I'd like to have more information before

Re: [pfSense] Snort questions

2015-11-06 Thread John Johnstone
On 11/5/2015 12:06 PM, Sergii Cherkashyn wrote: 2. Is there any way to see what exact traffic/pattern triggered the Snort Alert? I know how to find the rule description that the potentially harmful traffic matched, but interested to see the exact traffic log that triggered the alert. I'd like

[pfSense] Snort questions

2015-11-05 Thread Sergii Cherkashyn
Hi all, We have 2.2.4-RELEASE (amd64) with Snort 3.2.8.2 installed. Two questions: 1. What tool or what pfSense menu should we use to read the Snort interface statistics? The format that is available via Snort