[Discussion] Text in Msgs

• Previous message (by thread): [Discussion] new thread: biggest threats
• Next message (by thread): [Discussion] Text in Msgs
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Would anyone be interested in the ability to insert captured text into
the alert text of an event?

For instance, I was just looking at a few hits on " ET POLICY exe
download via HTTP". It'd be nice for that to say:

 ET POLICY exe download via HTTP
(down.onlinedowns.net/page/image/yahoons.exe)

Quick way to decide if that was something of interest or not without
having to dig into payload.

What does everyone think?

Matt

-- 
--------------------------------------------
Matthew Jonkman
Emerging Threats
Phone 765-429-0398
Fax 312-264-0205
http://www.emergingthreats.net
--------------------------------------------

PGP: http://www.jonkmans.com/mattjonkman.asc

• Previous message (by thread): [Discussion] new thread: biggest threats
• Next message (by thread): [Discussion] Text in Msgs
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]