[Oisf-users] Most rules fail to load
Rich Rumble
richrumble at gmail.com
Sat Jan 2 22:27:22 UTC 2010
That certainly helps!! I did find the file in my Snort /etc/ directory
[9685] 2/1/2010 -- 17:22:33 - (detect.c:349) <Info>
(SigLoadSignatures) -- Loading rule file: test.rule
[9685] 2/1/2010 -- 17:22:33 - (detect.c:268) <Info>
(DetectLoadSigFile) -- 1 successfully loaded from file test.rule.
[9685] 2/1/2010 -- 17:22:33 - (detect.c:374) <Info>
(SigLoadSignatures) -- 13358 rules loaded from 71 files.
[9685] 2/1/2010 -- 17:22:33 - (detect-engine-sigorder.c:787) <Info>
(SCSigOrderSignatures) -- ordering signatures in memory
SCSigOrderSignatures: Total Signatures to be processed by
thesigordering module: 13395
[9685] 2/1/2010 -- 17:22:51 - (detect-engine-sigorder.c:828) <Info>
(SCSigOrderSignatures) -- total signatures reordered by the
sigordering module: 13395
Thanks!
On Sat, Jan 2, 2010 at 5:03 PM, William Metcalf
<william.metcalf at gmail.com> wrote:
> Currently you need a valid classification.config file which can be found in
> the snort source or in the brt rules. I think in the future will get rid of
> this requirement by setting some sane default classification and priority if
> the file is not present
>
> Regards,
>
> Will
More information about the Oisf-users
mailing list