how can I open snort alert.ids
Can I open the Snort alert.ids file in WireShark or do I need to configure Snort to create a different alerts log file?
Wireshark can't open any Snort alert output format. Is there a format that contains full frames?
https://gitlab.com/wireshark/wireshar... describes how Wireshark can load pcap files and feed them through Snort, then show where/how in the capture any alerts were detected. The Snort post-dissector doesn't currently work for Windows.
To enter a block of code:
Comments