On Wed, 5 Sep 2012, mindman101 wrote:
Hello Sec users,
I've written two PairWithWindow rules that just differs on the order they match
events.
The first rule waits for a first event like this:
Link down on interface FastEthernet and ip 10.10.10.10
and waits for a second event unitl 10
In message alpine.deb.2.02.1209051632420.31...@asgard.lang.hm,
da...@lang.hm writes:
On Wed, 5 Sep 2012, mindman101 wrote:
I've written two PairWithWindow rules that just differs on the order they
match events.
The first rule waits for a first event like this:
Link down on interface
In message 201209060153.q861rr5u022...@mx1.cs.umb.edu,
John P. Rouillard writes:
However this is an odd set of rules. What are you trying to do? Just
determine if event 1 and event 2 occur within 10 seconds of each other
regardless of the order in which they arrive? If so see
...
I forgot to
