snort intrusion-detection

Snort Output - Traffic Type Recognition


Snort does a lot of work and outputs some useful statistics when it is done. Is there any way to find out the types of traffic and types of attacks that Snort has detected, other than the alerting system? How can I recognize the type of traffic in the Snort output statistics?


Solution

  • Without the alerting system and the log messaging system, the type of traffic will not be recognized in Snort. The output statistics contain stat data for various parts of the system used by Snort.
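
Since the traffic and attack types come from the alert output rather than the end-of-run statistics, the following added example (not part of the original answer) tallies alerts by classification, protocol and signature. It assumes the single-line `alert_fast` layout; the sample lines are constructed and the function names are illustrative.

```python
import re
from collections import Counter

# Constructed sample lines in the alert_fast layout (not captured from a real sensor).
SAMPLE_ALERTS = """\
08/28-12:34:56.789012  [**] [1:1000001:1] ICMP echo request [**] [Classification: Misc activity] [Priority: 3] {ICMP} 192.0.2.10 -> 192.0.2.1
08/28-12:35:01.000100  [**] [1:1000002:2] Possible SQL injection in URI [**] [Classification: Web Application Attack] [Priority: 1] {TCP} 198.51.100.7:51514 -> 192.0.2.20:80
08/28-12:35:02.000200  [**] [1:1000002:2] Possible SQL injection in URI [**] [Classification: Web Application Attack] [Priority: 1] {TCP} 198.51.100.7:51515 -> 192.0.2.20:80
08/28-12:35:09.123456  [**] [1:1000003:1] Local rule without classtype [**] [Priority: 0] {UDP} 192.0.2.10:5353 -> 192.0.2.1:53
this line is not an alert
"""

# Assumed layout: [**] [gid:sid:rev] msg [**] [Classification: x] [Priority: n] {PROTO} src -> dst
ALERT_RE = re.compile(
    r"\[\*\*\]\s+\[(?P<gid>\d+):(?P<sid>\d+):(?P<rev>\d+)\]\s+(?P<msg>.*?)\s+\[\*\*\]\s+"
    r"(?:\[Classification:\s*(?P<cls>[^\]]+)\]\s+)?"   # absent when the rule has no classtype
    r"\[Priority:\s*(?P<prio>\d+)\]\s+"
    r"\{(?P<proto>[^}]+)\}\s+(?P<src>\S+)\s+->\s+(?P<dst>\S+)"
)

def parse_alert(line):
    """Return the alert's fields as a dict, or None if the line is not an alert."""
    m = ALERT_RE.search(line)
    if m is None:
        return None
    rec = m.groupdict()
    rec["cls"] = rec["cls"] or "unclassified"
    return rec

def summarize(text):
    """Count alerts per classification, protocol and signature; count unparsed lines."""
    by_class, by_proto, by_sig, skipped = Counter(), Counter(), Counter(), 0
    for line in filter(str.strip, text.splitlines()):
        rec = parse_alert(line)
        if rec is None:
            skipped += 1  # keep a count so format drift is visible, not silent
            continue
        by_class[rec["cls"]] += 1
        by_proto[rec["proto"]] += 1
        by_sig[(rec["sid"], rec["msg"])] += 1
    return {"class": by_class, "proto": by_proto, "sig": by_sig, "skipped": skipped}

if __name__ == "__main__":
    result = summarize(SAMPLE_ALERTS)
    for name in ("class", "proto", "sig"):
        for key, count in result[name].most_common():
            print(f"{name:5} {count:3}  {key}")
    print("unparsed lines:", result["skipped"])
```
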