246


Appendix E     SNML DTD


     The snml can stand for "Snort Markup Language" when used with


     the snort IDS or as the "Simple Network Markup Language" when


     used in multi vendor IDS environments.  


     Comments or questions can be directed to:


                 Roman Danyliw 


   >








 | The sensor element contains information that can be used to 


 | uniquely identify the source which detected the event.


 | It always contains a hostname.  Optionally, a


 | sensor filter, a data source filename, or an ip address 


 | and network interface may be given. 


   >






 | sensor attributes


 |   format  = encoding format of the packet payload (data)


 |   detail  = defines which protocol fields will be present


 |              fast   limited information


 |              full   the full packet will be present


   >




          format (base64|ascii|hex) #REQUIRED


          detail (fast|full)        #REQUIRED


>












 | Contains a string representing a network interface


 |   e.g., eth0, ppp0, hme0, etc. 


   > 










footer






  


 


 


        

 


 

  

    

      
      
 Home 
      | About Us | Network 
      | Services | Support 
      | FAQ | Control Panel 
      | Order Online |
      Sitemap | Contact

      

      toronto web hosting

      
 

    

  

  




Our partners: 
PHP: Hypertext Preprocessor Cheap Web Hosting
JSP Web Hosting
Ontario Web Hosting 
Jsp Web Hosting 




Cheapest Web Hosting
Java Hosting
Cheapest Hosting



Visionwebhosting.net Business web hosting division of Vision Web Hosting Inc.. All rights reserved