About the forensic analysis log tab – Network Instruments GigaStor 114ff User Manual


Starting Forensic Analysis using Snort rules

Chapter 6 Forensic Analysis using Snort


rev. 1

results, you may want to adjust preprocessor settings to
eliminate these conditions. Intruders often attempt to exceed
the limitations of forensic analysis to hide malicious content.

The right-click menu lets you examine the rule that triggered the alert
(if applicable). It also lets you jump to web-based threat references
such as bugtraq for further information about the alert. These
references must be coded into the Snort rule to be available from the
right-click menu.

About the Forensic Analysis Log tab

The Forensic Analysis Log comprehensively lists all rule alerts and
preprocessor events in a table, letting you sort individual occurrences
by priority, classification, rule ID, or any other column heading. Just
click on the column heading to sort the alerts by the given criteria.

Figure 71 Forensic Analysis Log tab
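To make concrete what "coded into the Snort rule" means for the right-click menu, and what sorting the log by a column heading does, here is an added example (not part of the manual or of the GigaStor software) that parses a rule's option block, resolves each reference option to a lookup URL, and sorts alert rows by a chosen column. The system-to-URL mapping is assumed from Snort's reference.config, and the two rules are constructed samples.

```python
import re

# Assumed mapping of reference systems to lookup URLs, modelled on
# Snort's reference.config; adjust to the copy shipped with your sensor.
REFERENCE_URLS = {
    "bugtraq": "http://www.securityfocus.com/bid/",
    "cve": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=",
    "url": "http://",
}

# One option: name, optional ':' value (quoted values may contain ';'), ';'
OPTION_RE = re.compile(r'\s*(\w+)\s*(?::\s*("(?:[^"\\]|\\.)*"|[^;]*))?;')

# Constructed sample rules (local SID range, placeholder reference ids).
RULES = [
    'alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"EXAMPLE web probe"; '
    'content:"/cgi-bin/"; classtype:web-application-activity; '
    'reference:bugtraq,12345; reference:cve,2000-0001; sid:1000001; rev:1; priority:2;)',
    'alert icmp any any -> $HOME_NET any (msg:"EXAMPLE icmp ping"; itype:8; '
    'classtype:misc-activity; sid:1000002; rev:1; priority:3;)',
]

def parse_rule_options(rule: str) -> dict:
    """Return the option block of a Snort rule as a dict; the repeatable
    reference option is collected into a list."""
    start, end = rule.index("("), rule.rindex(")")
    opts = {"reference": []}
    for key, value in OPTION_RE.findall(rule[start + 1:end]):
        value = value.strip().strip('"')
        if key == "reference":
            opts["reference"].append(value)
        else:
            opts[key] = value
    return opts

def reference_links(rule: str) -> list:
    """Resolve reference:system,id; options to URLs, as the right-click
    menu does. A rule with no reference option yields an empty list."""
    links = []
    for ref in parse_rule_options(rule)["reference"]:
        system, _, ident = ref.partition(",")
        base = REFERENCE_URLS.get(system.strip().lower())
        if base:  # unknown reference systems are skipped
            links.append(base + ident.strip())
    return links

def alert_rows(rules: list) -> list:
    """Build log-style rows (one per rule) with the sortable columns."""
    rows = []
    for rule in rules:
        o = parse_rule_options(rule)
        rows.append({"sid": int(o.get("sid", 0)), "priority": int(o.get("priority", 0)),
                     "classification": o.get("classtype", ""), "msg": o.get("msg", ""),
                     "references": reference_links(rule)})
    return rows

def sort_alerts(rows: list, column: str, descending: bool = False) -> list:
    """Sort rows by a column, as clicking a column heading does."""
    return sorted(rows, key=lambda r: r[column], reverse=descending)
```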
