[Oisf-users] fast.log fields and vrt rules question

Leonard Jacobs ljacobs at netsecuris.com
Sat Jul 6 13:54:27 UTC 2013

This link might help you decipher the rules structure.


-----Original Message-----
From: oisf-users-bounces at openinfosecfoundation.org [mailto:oisf-users-bounces at openinfosecfoundation.org] On Behalf Of mouna amani
Sent: Saturday, July 06, 2013 6:32 AM
To: oisf-users at openinfosecfoundation.org; oisf-users-bounces at openinfosecfoundation.org
Subject: [Oisf-users] fast.log fields and vrt rules question

I got the following line in my fast.log

07/05/2013-20:33:47.183109  [**] [1:2101201:10] GPL WEB_SERVER 403 Forbidden [**] [Classification: Attempted Information Leak] [Priority:
2] {TCP} ->

 I would like to know what each field means :) any link will be helpful

I would like to use emmerging rules + VRT rules what url should I add to my oinkmaster.conf to download VRT rules ???
thanks :)
Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
OISF: http://www.openinfosecfoundation.org/

More information about the Oisf-users mailing list