Snort mailing list archives
Re: Syslog,MySql, IDS Center /Eagle X
From: Ueli Kistler <iuk () gmx ch>
Date: Mon, 19 May 2003 19:25:54 +0200
Hello McBurnett, Jim wrote: .. <snip>
I tried to add Syslog to it and Bingo-- It crashes every time it sends a message.. I tried to send to an external syslog.. no go. I tried an on Machine Syslog.No go.. System has 3 NICS, and I am using the 2nd NIC.
Snort 2.0:add an syslog output plugin in the output plugin wizard.. then click on apply. Now go to "IDS rules" again, where the Snort configuration editor is (Snort.conf).. scroll down until you find "output syslog: .."
now change it to something like this: * output alert_syslog: LOG_AUTH LOG_ALERT * output alert_syslog: host=hostname, LOG_AUTH LOG_ALERT * output alert_syslog: host=hostname:port, LOG_AUTH LOG_ALERT - Save - Click on "Apply" (note from chris reid: For Win32, the remote host/port information has been moved into the snort.conf file. See the "alert_syslog" option in snort.conf. The reason for this was to make the command line options more compatible with the *nix version of snort.) Regards, Ueli Kistler eclipse () engagesecurity com www.engagesecurity.com -- ------------------------------------------------------- This SF.net email is sponsored by: If flattening out C++ or Javacode to make your application fit in a relational database is painful, don't do it! Check out ObjectStore. Now part of Progress Software.
http://www.objectstore.net/sourceforge _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Syslog,MySql, IDS Center /Eagle X McBurnett, Jim (May 19)
- Re: Syslog,MySql, IDS Center /Eagle X Ueli Kistler (May 19)
- Re: Syslog,MySql, IDS Center /Eagle X Ueli Kistler (May 19)
- <Possible follow-ups>
- RE: Syslog,MySql, IDS Center /Eagle X McBurnett, Jim (May 19)