Snort mailing list archives
Snort ---> syslog
From: spy <spyguy703 () earthlink net>
Date: Wed, 22 May 2002 08:04:55 -0700
Anyone have any experience with snort logging to syslog? I have a few questions before i 'try' it. 1) Are logs and alerts LACKING useful data that you would normally get with regular snort logging? 2) Are you using any correlation tools like NetForensics or something else? 3) Can you send syslog from multiple snort sensors to one syslog server and run swatch? If yes, what do you like/not like about doing it this way? Thanks in advance! spyguy ------------------------------------------------------- Sponsored by: ThinkGeek at http://www.ThinkGeek.com/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Snort ---> syslog spy (Jun 20)
- RE: Snort ---> syslog Michael Steele (Jun 21)
- RE: Snort ---> syslog Don (Jun 21)
- RE: Snort ---> syslog Michael Steele (Jun 21)
- RE: Snort ---> syslog Don (Jun 21)
- RE: Snort ---> syslog Michael Steele (Jun 21)