[Oisf-devel] Suricata fastlog [pcap file packet:]

Kenneth Steele ken at tilera.com
Mon Nov 11 20:07:51 UTC 2013


When Suricata processes packets from a pcap file, some alerts in the fast.log output have "[pcap file packet: NNNN]" appended, where NNNN is the packet number from the pcap file.
This makes the fast.log file generated by Suricata running from live traffic and from pcap files different. Is this additional information useful?

Regards,
-Ken