Re: [Snort-devel] Snort.org Blog: Snort 2.9.1 beta coming soon!

From: Joel Esler <jesler_at_nospam>
Date: Mon Jun 13 2011 - 16:45:38 GMT
To: Russ Combs <rcombs@sourcefire.com>

On Jun 13, 2011, at 12:13 PM, Russ Combs wrote:

> Does the HTTP, SMTP, etc. logging take place in its own thread, or
> does it block the detection thread?
>
> No - logging is in the main thread

It is included in the unified2 output file, use the u2spewfoo tool included with Snort to see this.

Barnyard2 developers (Snorby et all), if they want to to include this output in their tools, will have to update to handle this new output.

Joel

------------------------------------------------------------------------------
EditLive Enterprise is the world's most technically advanced content
authoring tool. Experience the power of Track Changes, Inline Image
Editing and ensure content is compliant with Accessibility Checking.
http://p.sf.net/sfu/ephox-dev2dev

_______________________________________________
Snort-devel mailing list
Snort-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-devel

This message: [ Message body ]
Next message: beenph: "Re: [Snort-devel] Snort.org Blog: Snort 2.9.1 beta coming soon!"
Previous message: Asim Jamshed: "[Snort-devel] Flow Management in SnortSP"
In reply to: Russ Combs: "Re: [Snort-devel] Snort.org Blog: Snort 2.9.1 beta coming soon!"
Next in thread: beenph: "Re: [Snort-devel] Snort.org Blog: Snort 2.9.1 beta coming soon!"
Reply: beenph: "Re: [Snort-devel] Snort.org Blog: Snort 2.9.1 beta coming soon!"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]