How to make PFsense more senses by configuring the Snort
-
I realized the SNORT module is not capturing the correct and useful information. How can I configure it to be able to capture the data?
Is there anything I need to install?
-
Look in Services -> Snort -> Alerts.
I've found its better to run snort on the internal interface as if you use it on the WAN it logs the WAN address not the client that is natted.