[Oisf-users] Relating packets to alerts

[Luis Escamilla]

Is it possible to identify in an eve log which of the tagged packets correspond to certain alert? I have been doing it by flow id, but many times, the flow id is related to multiple alerts
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20190327/69357819/attachment.html>