Menu
▾
▴
Re: [Snort-inline-users] Remote Logs
|
From: Ken G. <ken...@ro...> - 2005-08-11 15:45:40
|
I have this in the snort_inline.conf: output alert_syslog: LOG_AUTH LOG_ALERT Here is the commandline I'm using to run snort: snort-inline -D -c /etc/snort_inline/snort_inline.conf -Q -l /var/log/alert -t /var/log/snort_inline How can I get /var/log/alert to be sent to a remote syslog server? Or can I get those alerts to be controlled by syslog? What I am trying to achieve is get the snort logs into a remote syslog server. - Ken Ken Garland wrote: > How can I send it to a syslog server? > > Javier Reyna Padilla wrote: > >> You can send it to a syslog server, or maybe you want to log to a DB, >> but I do not Know If you can lof portscan2 remotely I think it did >> not use syslog. >> >> Ken Garland wrote: >> >>> I would like snort to send it's logs out remotely, how can I do that? >>> >>> >>> ------------------------------------------------------- >>> SF.Net email is Sponsored by the Better Software Conference & EXPO >>> September 19-22, 2005 * San Francisco, CA * Development Lifecycle >>> Practices >>> Agile & Plan-Driven Development * Managing Projects & Teams * >>> Testing & QA >>> Security * Process Improvement & Measurement * >>> http://www.sqe.com/bsce5sf >>> _______________________________________________ >>> Snort-inline-users mailing list >>> Sno...@li... >>> https://lists.sourceforge.net/lists/listinfo/snort-inline-users >>> >> >> > > > > ------------------------------------------------------- > SF.Net email is Sponsored by the Better Software Conference & EXPO > September 19-22, 2005 * San Francisco, CA * Development Lifecycle > Practices > Agile & Plan-Driven Development * Managing Projects & Teams * Testing > & QA > Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf > _______________________________________________ > Snort-inline-users mailing list > Sno...@li... > https://lists.sourceforge.net/lists/listinfo/snort-inline-users |
