Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 4 subscribers
  • Views 6312 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos & snort

scaledem

Hello,

I was wondering if snort does some correlations ?

I mean something like : dont alert if the rule A has matched, but only alert if the rule A has matched and then the rule B has also matched.

Is Sophos able to do that or it does only match content for one packet?



This thread was automatically locked due to age.
Parents
  • 0
    Hi, and welcome to the UTM Community!

    That functionally is either built into each query, or it is not.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0
    Hi, and welcome to the UTM Community!

    That functionally is either built into each query, or it is not.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
No Data
Cookie Information Banner