[Bro] Alarms in 2.0
Tyler T. Schoenke
tyler.schoenke at colorado.edu
Wed Apr 11 14:29:28 PDT 2012
Two questions regarding Alarms in 2.0.
First, I created a signature and wanted to reduce the frequency that it
fires. Does anyone have sample code for SIG_ALARM_PER_ORIG or some
other way to send out a single alarm per source IP?
Second, I configured the MailAlarmsTo setting, but the Alarms are still
going to the MailTo (bromessage@) address. I also tried setting
MailAlarms = True. What am I doing wrong?
Network Security Manager
IT Security Office
University of Colorado at Boulder
More information about the Bro