Snort mailing list archives

RE: Re: email alerting in acid


From: "Ronneil Camara" <ronneilc () remingtonltd com>
Date: Thu, 6 Dec 2001 12:02:26 -0600

-----Original Message-----
From: Phil Lyons [mailto:plyons () hotmail com]
Sent: Thursday, December 06, 2001 10:02 AM
To: snort-users () lists sourceforge net
Cc: arvind () controlnet co in
Subject: [Snort-users] Re: Snort-users digest, Vol 1 #1379 - 15 msgs


Hi,
You can also use swatch to do realtime email alerts as well.
See http://www.enteract.com/~lspitz/swatch.html for setup examples and a
link to the download site.
HTH,

Since I'm using ACID, what I really wanted was something that can email
me when the snortbox sees a suspicious or real attack. Can swatch do
this? Or are there other programs that do realtime checking of snort
logs and mail us?

What exactly is a good idea to set this up? Should I store the traffic
to the snort db and /var/log/snort in snort.conf?

Thanks again.

Neil
