[Oisf-users] Knowing the sid from the alert generated

[Anoop Saldanha]

On Tue, Aug 20, 2013 at 6:55 PM, mouna amani
<amani.smiai.insat at gmail.com> wrote:
> I got alerts generated but I could not find the sid of the alert????????
> I am using emergimg threats as rules
> I want to know the sid of it so I can use modifysid from oinkmaster to make
> it drop
> Any example or help will be great thanks
>
>

The sid is the middle one from [<gid>:<sid>:<rev>] from the alert.
You should be able to locate this sequence in your alert.

-- 
-------------------------------
Anoop Saldanha
http://www.poona.me
-------------------------------