Snort Blocked Alert Description Error



  • When running Snort package 2.1.1 there is an error with the Alert Description in the blocked tab.

    When a destination IP is blocked the alert description is 'n/a'.
    When a source IP is blocked the alert description is populated with the proper description.



  • Probably this is a side effect of the parser in php for the alerts that was never written to handle dst alerts.


Log in to reply