What does "ET CHAT MSN status change" Mean

[namobud...@gmail.com]

Hello Group,

I'm trying to determine what "ET CHAT MSN status change" means in Squil? There isn't much documentation on what this alert means or indicates.

Thanks.

[Wes]

Namobud,

It is my impression that this indicates that traffic was noticed that is similar to that of a person's change in status (Available, Busy,etc) for an instant messaging application, particularly MSN messenger, Skype, Lync, etc, letting you know this may be a policy violation (if you do not allow IM, or a specific IM, etc)

You can see the definition in /etc/nsm/rules/downloaded.rules, and can modify it if you need to via modifysid.conf or through local.rules.

Thanks,
Wes