Introduce priority level for snort alerts.

[people/stevee/guardian.git] / guardian.conf.example

diff --git a/guardian.conf.example b/guardian.conf.example
index 2970257191d54908df3dcc856654278ccde445a1..1c861504880fc5c6e9f1c361fc0e27b8e82b0ba7 100644 (file)
--- a/guardian.conf.example
+++ b/guardian.conf.example
@@ -48,6 +48,11 @@ FirewallEngine = IPtables
 # Monitor_PARSER = /file/wich/should/be/monitored
 #
 # Currently supported parser modules are: HTTPD, OWNCLOUD, SNORT and SSH
+#
+# The snort parser allows to configure an optional priority level filter, which means, alerts
+# which are lower that this priority could be skipped. Valid levels are 1-4, with 1 being the highest
+# (omg, omg, omg) and 4 being the lowest (a packet has passed).
+# SnortPriorityLevel = "3"
 
 ## Optional settings