[Snort-users] How Can I display the rule name instead of the ID with ACID?

From: Berta Alcala <berta83_at_nospam>
Date: Mon May 12 2008 - 09:04:14 GMT
To: snort-users@lists.sourceforge.net

I use snort+acid+mysql. When I display the alerts there is a "Signature" column that is the signature ID.
I need the "sig_name" field (which is the rule's description) instead of the sig_id. The problem is in the "acid_event" table, here there are "signature" and "sig_name", both with the same value, the ID. How can I do to get the description? there are a lot of files and I don't know which one I have to modify.

This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2.
http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone

Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

This message: [ Message body ]
Next message: Joel Esler: "Re: [Snort-users] How Can I display the rule name instead of the ID with ACID?"
Previous message: Philippe Strauss: "[Snort-users] 2.8.1 or 2.8.2rc1: cannot configure custom output"
Next in thread: Joel Esler: "Re: [Snort-users] How Can I display the rule name instead of the ID with ACID?"
Reply: Joel Esler: "Re: [Snort-users] How Can I display the rule name instead of the ID with ACID?"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]