Snort mailing list archives
Configuring output plugins
From: darek <darek () nyi net>
Date: Fri, 09 Aug 2002 12:14:32 -0400
Hey guys, I am trying to send alerts for locally defined rules (local.rules) to a logfile only, and all other alerts to Syslog.
In my snort.conf I defined: ruletype art { type log output alert_full: snort.log } and in my local.rules I have: art tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS ( whatever; )It doesnt appear to work. I am trying to understand the docs but they can be pretty tricky. Mayhaps someone could help with the syntax or shed some light on the whole output plugin system.
Thanks in advance. ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Configuring output plugins darek (Aug 09)