Snort mailing list archives

Re: Remote Syslogging.

From: Erek Adams <erek () theadamsfamily net>
Date: Fri, 6 Dec 2002 11:35:20 -0800 (PST)

On Fri, 6 Dec 2002, Patrick Williams wrote:

I add the syslog switch, -s, and put this statement in my syslog.conf,
"*snort*        @managmentserverIP           #Forward Snort msg to mgmt
station"


[...snip...]

Well, for one, there is not facility called 'snort'.  Snort defaults to
use auth.alert for it's syslog info, but that can be changed.

-----
Erek Adams
Nifty-Type-Guy
TheAdamsFamily.Net


-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

Remote Syslogging. Patrick Williams (Dec 06)
- Re: Remote Syslogging. Demetri Mouratis (Dec 06)
- Re: Remote Syslogging. Erek Adams (Dec 06)