how can I open snort alert.ids
Can I open the Snort alert.ids file in WireShark or do I need to configure Snort to create a different alerts log file?
add a comment
Wireshark can't open any Snort alert output format. Is there a format that contains full frames?
https://gitlab.com/wireshark/wireshar... describes how Wireshark can load pcap files and feed them through Snort, then show where/how in the capture any alerts were detected. The Snort post-dissector doesn't currently work for Windows.
Asked: 2020-12-03 16:49:14 +0000
Seen: 607 times
Last updated: Dec 03 '20