[Sguil-devel] Sguil - Packet Analysis
From: Kristy M. <tim...@gm...> - 2013-09-05 19:22:55
Greetings!

I'm really hoping someone can help me with Sguil. I've figured out how to query for alerts and export them to a csv file (easiest format for me to use with what I'm working on) but I can't seem to find a way to match the alerts with the specific traffic (i.e. the packet) that triggered the alert on a large scale. I can obviously see the packet data from the alert screen but I need a way to export some of that info (the IP ID would probably work). Any thoughts?

Thanks!
Kristy