Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Logging facilities...

From: peter.grosse-hering () ps ge com
Date: Mon, 12 May 2003 06:09:39 -0400
Hi,

With the implemenattion of the newest release, we want to change our logging
and alertig strategy. Now we want to downgrade rules from "alert"- to
"log"-action instead of using priorities. But: how can I log the "log" rules
in the same manner as the "alert" ones (e. g. as the format in alert_full or
alert_fast)??? Besides database logging or various binary formats, we just
want to log everything matching a rule to textfiles. Can anyone help?

Thank you,

Peter


Peter Große-Hering
IT-Consultant
GE Network Solutions
Europaring 60
40878 Ratingen
+49 (2102) 108-211
mailto:Peter.Grosse-Hering () ps ge com

Please visit our website at: http://www.gepower.com/networksolutions 



-------------------------------------------------------
Enterprise Linux Forum Conference & Expo, June 4-6, 2003, Santa Clara
The only event dedicated to issues related to Linux enterprise solutions
www.enterpriselinuxforum.com

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: