Snort mailing list archives
RE: Email alerts for ACID
From: "Semerjian, Ohanes" <Semerjian.Ohanes () wcom com au>
Date: Mon, 8 Jul 2002 11:32:50 +0800
G'day All, Since this subject is on the table, here is my question and hope someone could assist. I'm logging Snort alerts to Mysql and using ACID also, what trying to achieve is to get the alerts to my mailbox then I'll investigate the alerts of interest (not using swatch, coz I don't wana log twice)rather me spending time checking the ACID everyday. Best Regards Ohanes Semerjian -----Original Message----- From: Poppi, Sandro [mailto:Sandro.Poppi () wacker com] Sent: Saturday, 6 July 2002 0:23 To: 'Graham Cooper'; Hicks, John; snort-users () lists sourceforge net Subject: AW: [Snort-users] Email alerts for ACID Hi, I use Mandrake's packages. You might take a look on my HOWTO at http://www.lug-burghausen.org/projects/index.html#snort-stat HTH, Sandro
Hi All, I have tried setting up Swatch to send alerts from my log files, but am having dependency problems with the "perl-File-Tail-xx" file, i.e. I cannot find a suitable RPM/Source for the Redhat 7.2 distro. This is relating to installing Swatch to send Snort alerts via email. Can anyone help ? Many Thanks in advance. Regards, Graham Cooper Servecast. -----Original Message----- From: Hicks, John [mailto:JHicks () JUSTICE GC CA] Sent: 04 July 2002 16:49 To: Graham Cooper; snort-users () lists sourceforge net Subject: RE: [Snort-users] Email alerts for ACID All you need to do is make the PHP see a valid SMTP server. THis server doesn't have to be local, just a useable one. ACID info is avail iin the FAQ here: http://www.andrew.cmu.edu/~rdanyliw/snort/acid_faq.html#faq_b11 The following lines are to be set up in c:\winnt\php.ini (default location): [mail function] ; For Win32 only. SMTP = [IPADDRESS] ; for Win32 only ; For Win32 only. sendmail_from = root@localhost ; for Win32 only ; For Unix only. You may supply arguments as well (default: 'sendmail -t -i'). ;sendmail_path = Obviously, this is setup for Win32 SMTP. I'm not to sure when this file is in *nix, but it's there somewhere. HTH, John Hicks -----Original Message----- From: Graham Cooper [mailto:gcooper () servecast com] Sent: Thursday, July 04, 2002 5:49 AM To: snort-users () lists sourceforge net Subject: [Snort-users] Email alerts for ACID Hi There, I am trying to set up email alerting for alerts that are logged from Snort to MySQL/ACID (on RedHat 7.2). Do I need to set up Sendmail on the Linux box to send the email alerts ?, also is there configuration required in PHP ? I can't seem to find any info on this - can anyone point me in the right direction ? Regards, Graham Cooper Servecast --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.372 / Virus Database: 207 - Release Date: 20/06/2002 ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Caffeinated soap. No kidding. http://thinkgeek.com/sf _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users --- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.372 / Virus Database: 207 - Release Date: 20/06/2002 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.372 / Virus Database: 207 - Release Date: 20/06/2002 ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Bringing you mounds of caffeinated joy. http://thinkgeek.com/sf _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Bringing you mounds of caffeinated joy. http://thinkgeek.com/sf _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek We have stuff for geeks like you. http://thinkgeek.com/sf _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Email alerts for ACID Graham Cooper (Jul 04)
- <Possible follow-ups>
- RE: Email alerts for ACID Hicks, John (Jul 04)
- RE: Email alerts for ACID Graham Cooper (Jul 05)
- RE: Email alerts for ACID Semerjian, Ohanes (Jul 07)
- RE: Email alerts for ACID Erek Adams (Jul 07)
- RE: Email alerts for ACID Graham Cooper (Jul 08)